1 to 25 of 27 SOAR Jobs in the UK excluding London

Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. Infrastructure Hardening: Enforce secure baselines across virtualized environments (VMware/ ...

Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. Infrastructure Hardening: Enforce secure baselines across virtualized environments (VMware/ ...

Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies ...

guidance What We’re Looking For Strong experience in cyber security operations, engineering, or incident response Hands-on expertise with Defender, Sentinel (SIEM/SOAR), Tenable, CASB, and cloud security (AWS/Azure) Experience delivering security improvements and technical control implementation PowerShell or automation scripting skills Solid understanding of frameworks ...

firewall management and security principles. Experience with security monitoring tools such as PRTG, Nagios and backup solutions like Veeam is beneficial, as with SIEM & SOAR technologies such as Elastic, Splunk, Phantom Virtualisation & Automation : Knowledge of virtualisation technologies like VMWare, Hyper-V, and Proxmox, along with experience in PowerShell, Python, Ansible ...

and risk-based prioritisation. Experience working in large, complex enterprise environments. Familiarity with regulatory and compliance requirements relevant to vulnerability management. Knowledge of SIEM, SOAR, EDR, and associated security tooling. Strong analytical skills with the ability to translate technical risk into clear, executive-level reporting. Experience supporting incident response and ...

Zero Trust Client configuration and rollout, including secure network and data access. Integrate Zero Trust solutions with identity providers (Entra AD, Okta), SIEM/SOAR systems, endpoint platforms, and data repositories. Assisting infrastructure teams in migrating legacy VPN, proxy, and firewall solutions to cloud native Zero Trust models, and supporting ...

Basic understanding of: ICS/SCADA systems and OT network architecture. Common OT protocols (Modbus, DNP3, OPC). Experience/Understanding of SIEM/SOAR solutions and OT-specific monitoring platforms (e.g. Nozomi Vantage). Knowledge of network environments (routing/switching/VLANS/Security/Wireless/etc. ...

issues, and drive continuous improvement across SOC processes. Collaborate with engineering, cloud, and cybersecurity teams to enhance log ingestion, telemetry quality, and SIEM/SOAR architecture Produce clear, structured incident reports, threat briefs, and stakeholder updates What you'll bring: Extensive hands-on experience with Microsoft Sentinel (SIEM) and Microsoft … attacker TTPs, threat intelligence sources, and MITRE ATT&CK mapping Proven experience leading major incidents in an enterprise SOC environment Strong understanding of SOAR automation and experience building Logic Apps-based playbooks Ability to interpret log data from diverse sources and build correlation logic that reduces false positives Experience with ...

Integrate security controls into Terraform and other IaC workflows Champion shift-left practicesenabling developers to self-remediate issues during build and coding stages Build SOAR playbooks to automate response and remediation workflows Experience Requirements 3+ years in Cybersecurity and CNAP-focused roles Deep AWS security expertise: IAM, Organizations, SCPs, cloud ...

security controls into Terraform and other IaC workflows Champion shift-left practices—enabling developers to self-remediate issues during build and coding stages Build SOAR playbooks to automate response and remediation workflows Experience Requirements 3+ years in Cybersecurity and CNAP-focused roles Deep AWS security expertise: IAM, Organizations, SCPs, cloud ...

and DWP MOU Hands-on expertise with Microsoft E5 security and compliance tools Extensive experience with Microsoft Sentinel, including configuration, monitoring and security automation (SOAR) Knowledge and experience of working in ITIL environments Hiring Process: Introductory call/meeting with Venn Group, to discuss your experience and the role ...

verbal communication for senior stakeholders. Desirable: experience in Critical National Infrastructure (CNI), OT/ICS environments, threat hunting, detection engineering, EDR/NDR/SOAR tools, and basic scripting or query skills (KQL, SQL, Python). Desirable qualifications: cyber security or computer science degree, and certifications such as CompTIA Security+ ...

define and measure control effectiveness Required Skills & Experience Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP Experience with SOAR playbooks, YARA rules, STIX, and YAML Participation in red/purple team exercises. Please apply within for further details - Alex Reeder Harvey Nash 3+ years … Proxy, and SEG tools Desirable Qualifications Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP Experience with SOAR playbooks, YARA rules, STIX, and YAML Participation in red/purple team exercises. Please apply within for further details - Alex Reeder Harvey Nash To From Record ...

with the ability to translate technical detail into clear business value. Excellent communication and presentation skills. Strong understanding of modern security architectures, including SIEM, SOAR, and Managed Security Services. Exposure to advanced security areas such as DDoS protection, Web Application Firewalls (WAF), Identity and Access Management (IDAM), Endpoint Detection and ...

Dublin, Ireland. Learn more at experianplc.com. Internal Grade D/EB8 Job Description Experian's Global Security Operations (GSO) team is seeking a Lead SOAR Engineer to drive the evolution of our security automation strategy and guide junior level engineers. As a leader within the Threat Detection Engineering team … will architect and oversee the development of intelligent SOAR solutions, integrating GenAI and Agentic Frameworks to enable adaptive, context-aware automation. You'll lead Agile CI/CD initiatives, mentor engineers, and collaborate to deliver scalable, secure automation capabilities that enhance Experian's global security posture. Important Responsibilities Lead ...

z2bz0 years' experience across network and security engineering (design, build, operate) Strong troubleshooting across multiple layers: Network Identity Endpoint Proxy SIEM/SOAR Hands-on automation experience (e.g., Ansible, Terraform, GitHub, Azure DevOps) Proven ITIL change leadership experience Major Incident Management (MIM) exposure Desirable Certifications CCNP/CCIE Zscaler Professional ...

technical complexity into clear business outcomes Confidence presenting to both technical and non-technical stakeholders A solid understanding of modern security architectures, including SIEM, SOAR, and managed security services Exposure to advanced security domains such as DDoS protection, WAF, IAM, EDR, MDM, and vulnerability management Continuous learning is a core ...

technical complexity into clear business outcomes Confidence presenting to both technical and non-technical stakeholders A solid understanding of modern security architectures, including SIEM, SOAR, and managed security services Exposure to advanced security domains such as DDoS protection, WAF, IAM, EDR, MDM, and vulnerability management Continuous learning is a core ...

and Major Incident Management (MIM), with a disciplined post-incident review culture. Excellent troubleshooting skills across multiple layers: Network Identity Endpoint Proxy SIEM/SOAR What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your ...

and enterprise IGA architecture. Strong understanding of identity lifecycle management, access governance, and Zero Trust security principles. Hands-on experience integrating SailPoint with SIEM, SOAR, PAM, and directory platforms. Experience contributing to enterprise architecture and security governance frameworks. Contract Details: Duration: 6 months Initially Day Rate: £600 per day (Inside ...

with enterprise architecture standards, secure by design principles, and regulatory requirements. - development of data ingestion, telemetry, and integration patterns between Darktrace, Defender, SIEM/SOAR tools, and existing security stacks. - production of architecture decision records, design patterns, and technical documentation for long-term maintainability. - Leading technical delivery workstreams, providing direction … across both platforms. - Coordinate testing, validation, and acceptance of detection capabilities, including simulation of realistic attack techniques. - Integrate Darktrace and Defender outputs into SIEM, SOAR, and ticketing systems. - Work with SOC and automation teams to design playbooks, response workflows, and escalation paths. - Ensure centralised logging, enrichment, and context tagging ...

teams during major incidents, drive containment and recovery, and own post-incident reviews and playbooks. The role includes mentoring CIRT analysts , enhancing SIEM/SOAR automation, and continuously improving processes using frameworks such as MITRE ATT&CK, NIST 800-61, and PCI DSS. What this job is really about Owning … runbook.? You've used InsightIDR or another MDR/SIEM platform for rule creation, tuning and dashboards, and you're not afraid of SOAR tools like InsightConnect or Cortex XSOAR.? Python or PowerShell are part of your toolkit, and retail networks, POS systems, and cloud infrastructure don't intimidate you. ...

security strategy. Apply foundational security principles to new technologies and unconventional scenarios while enabling organisational objectives. What We're Looking For SIEM/SOAR: Proficiency in SIEM concepts, data source integration, and creating SOAR runbooks. Security Stack : Hands-on with EDR, XDR, WAF, and email security solutions. Preferred Vendors: Experience ...

highly regulated environment, ideally in finance/banking. - Extensive knowledge of performing architecture reviews and driving cyber transformation programmes. - Strong knowledge of SIEM, SOAR, EDR/XDR, threat intelligence platforms, logging and monitoring frameworks. - Excellent communication and stakeholder management skills. Responsibilities - Perform a detailed analysis of the organisation's existing … cyber security operations. - Map out the current architecture, identifying strengths, weaknesses, gaps and inefficiencies. - Advise senior leadership on SecOps strategy, covering tooling, SIEM/SOAR use, incident response maturity, vendor consolidation and internal capability development. - Create actionable remediation plans and strategic roadmaps for long-term cyber resilience. What you need ...