1 to 25 of 30 SOAR Jobs in the UK excluding London

seeking an experienced Senior SOAR Engineer to join the Cyber Security function of a leading investment bank. This is a key technical role within the Security Engineering team, where you will act as the primary owner of the SOAR platform, driving its design, configuration, maintenance, and continuous enhancement. You will … and the ability to collaborate across Security Operations, Engineering, and DevOps teams. What you'll do: Act as the Subject Matter Expert (SME) for Security Orchestration, Automation and Response (SOAR). Lead the configuration, enhancement, and ongoing maintenance of the SOAR platform (Chronicle SOAR). Own and maintain architectural documentation ...

Linux and Cloud environments Encryption – Familiarity with encryption protocols and technologies Penetration Testing – Ability to assess and interpret penetration test results Security Tools – SIEM, SOAR, EDR, UTM Cloud Security – Understanding of AWS, Azure, etc. Security Frameworks – Knowledge of MITRE ATT&CK, NIST, etc. Consulting Skills Risk management, strategic planning, problem ...

developing and maintaining IT/OT vulnerability management programs and processes. This role performs and leads important tasks specialized at threat hunting, SIEM/SOAR, Network Security and other operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content ...

enrichment, and define standardized and automated containment workflows. Develop and manage operational procedures and reporting methodology. Manage and oversee security technology platforms (e.g. SIEM, SOAR, EDR, and email security). Monitor ongoing control performance and coordinate remediation where gaps are found. Automate operation procedures and reporting processes and integrate outputs ...

Center (MSSP) to ensure high‐fidelity alerting and low Mean Time to Resolve (MTTR). Tooling Optimization : Own the security stack (SIEM, EDR, XDR, SOAR). Ensure tools are integrated, automated, and providing maximum ROI rather than just generating “noise.” Automation : Drive a “Detection as Code” philosophy to automate repetitive ...

Sentinel, Microsoft Purview, Defender suite, and Entra ID Security Operations (SecOps) expertise covering monitoring, triage, investigation, and incident response Microsoft Sentinel for advanced SIEM, SOAR, and threat detection use cases Identity and Access Management (IAM) including privileged access management and Zero Trust principles Endpoint, email, and cloud threat protection using ...

generalist cyber security role. Key Responsibilities Administer and optimise Microsoft Sentinel (or equivalent SIEM), including log ingestion, parsing, normalisation, and retention. Develop and maintain SOAR workflows and automation using Azure Logic Apps, Python, PowerShell, Bash, and KQL. Onboard and manage security telemetry from a range of data sources. Design, implement … procedures. Skills & Experience Experience engineering and supporting SIEM platforms, ideally Microsoft Sentinel. Strong scripting and automation skills (Python, PowerShell, Bash, KQL). Experience with SOAR technologies and security automation. Knowledge of detection engineering and threat hunting. Strong understanding of Windows and Linux logging. Good networking knowledge including TCP/ ...

working directly with security tooling in live environments Cloud security (Microsoft 365, Azure, AWS) Strong technical exposure to security tooling, such as: SIEM/SOAR, EDR/XDR, vulnerability scanners, patch management, CASB, DLP Good firewall experience Solid understanding of networking fundamentals (TCP/IP, firewall policies, VPNs) Desirable experience ...

content lifecycle: design, test, deploy, monitor, tune and retire, using version control and rollback processes. Automate workflows and platform configurations using CI/CD, SOAR, scripting and Infrastructure as Code tools such as Terraform and Ansible. Ensure platform performance, stability and resilience through capacity planning, high availability, disaster recovery and ...

Lead Implementer/Auditor, CEH or GIAC. Experience managing security certifications, third‐party risk programmes and assurance activities. Exposure to SIEM engineering, SOAR, IaC security (Terraform/Bicep), scripting for automation, and security tooling optimisation. Knowledge of the water industry or its regulatory landscape. Previous management experience - leading a team ...

role - current active DV clearance is essential +Inside IR35 +£575 - £630 a day +Corsham/Portsmouth Key Skills: ISO27001 DV Cleareance SIEM/SOAR - Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . We are seeking an experienced Senior SOC Analyst to join a high-performing Cyber Security Operations … security incidents and emerging threats. Conduct forensic investigations and malware analysis, producing actionable intelligence and Indicators of Compromise (IoCs). Tune and enhance SIEM, SOAR, EDR, DLP, email security and intrusion detection technologies. Analyse attacker tactics, techniques and procedures (TTPs) using frameworks such as MITRE ATT&CK. Produce dashboards, reports ...

security incidents and emerging threats. Conduct forensic investigations and malware analysis, producing actionable intelligence and Indicators of Compromise (IoCs). Tune and enhance SIEM, SOAR, EDR, DLP, email security and intrusion detection technologies. Analyse attacker tactics, techniques and procedures (TTPs) using frameworks such as MITRE ATT&CK. Produce dashboards, reports … improvement across SOC processes, tooling and service delivery. Essential Skills & Experience Current Developed Vetting (DV) Clearance . Strong experience administering and tuning SIEM and SOAR platforms. Hands-on experience with technologies such as Elastic, Trend Micro, Tripwire, Tanium, Clearswift and SolarWinds . Experience in threat hunting, incident response, digital forensics ...

remediation, validating fixes, and assisting with reporting. * Develop and maintain playbooks, runbooks, and procedural documentation. Required Skills: * Microsoft Defender XDR * Microsoft Sentinel (SIEM/SOAR) * Privacy Management Solutions (e.g. Purview, OneTrust) * Understanding of key cybersecurity and privacy concepts, such as Threat detection and analysis, Incident response lifecycle, Vulnerability and exposure ...

Response: Act as a technical escalation point for high-priority security incidents, employing EDR and SIEM tools for swift containment. Automate Security Processes: Develop Security Orchestration, Automation, and Response (SOAR) workflows to minimise manual intervention and enhance response efficiency. Conduct Threat Hunting: Utilise specialised queries to proactively identify undetected malicious ...

with clear RACI and coherent operating model. Govern the security tooling strategy and operating model (build vs. buy vs. MSSP); maximize value from SIEM, SOAR, IAM, PAM, EDR, DLP, DSPM, and CTI platforms. Security Operations & Incident Response Accountable for SOC performance (24×7 detection, response, threat hunting), DFIR, purple-team ...

Implement identity access control measures and DLP controls Respond to Tier 3 security incidents Monitor threat intelligence Participate in pentests Engineer Microsoft Sentinel detections & SOAR playbooks Cyber Security Engineer: Technical Experience Microsoft Security: Defender of Endpoint, Identity, Cloud Apps, Office 365 Azure AD Microsoft Purview Cloud & Endpoint Security Azure Sentinel ...

troubleshooting issues, and ensuring reliable performance across both Linux and Windows platforms. Alongside core system administration duties, you'll support security tooling (SIEM and SOAR), ensuring systems are correctly configured to collect, process, and deliver accurate data. You'll also help onboard new systems and data sources, ensuring they integrate ...

hybrid environments Oversee patching, upgrades, and platform performance Drive platform improvements and engineering enhancements Support detection engineering, tuning, and platform optimisation Lead automation and SOAR initiatives to improve efficiency Collaborate with SOC providers on SIEM governance and data ingestion Ensure platforms meet regulatory and compliance requirements Maintain engineering documentation, standards ...

Advanced knowledge of SIEM operations, detection engineering, and RBA Experience with large-scale data ingestion, enrichment, and pipeline design Familiarity with automation tools, SOAR, Terraform/Ansible, and CI/CD Excellent communication, stakeholder management, and problem-solving skills This is a great opportunity to play a key role ...

operational activity. The successful candidate will be responsible for the day to day monitoring of multiple security devices, including SIEM, EDR, SOAR etc, ensuring that all customer SLAs are met. You will be required to work as part of the SOC team ensuring all SOC operational tasks are completed ...

controls aligned with the NIST Cyber Security Framework. What you'll be doing: * Maintain and optimise SOC PROTECT, DETECT, and RESPOND toolsets, including SIEM, SOAR, and vulnerability scanning tools. * Support the development, configuration, and automation of security tooling to enhance threat detection and incident response. * Conduct forensic analysis, malware reverse … and continuous process improvement. * Maintain knowledge of current cyber threats and emerging trends. What you'll bring: * Proven hands-on experience with SIEM and SOAR platforms such as Trend, Elastic, or SolarWinds. * Strong understanding of Windows and Linux OS, log collection, and threat detection techniques. * Ability to create and modify ...

investigative techniques Review and improve alert fidelity, detection coverage, and response effectiveness Provide technical oversight for tooling such as SIEM, EDR/XDR, NDR, SOAR, and cloud-native security platforms Detection Engineering & Improvement Collaborate with detection engineers to convert hunt findings into new or improved detections Identify visibility gaps and … detail Excellent written and verbal communication skills Ability to translate technical findings into business and risk context Desirable Skills Experience with detection engineering or SOAR automation Purple team or red team collaboration experience Forensic analysis experience (memory, disk, network) Exposure to regulatory environments (e.g. ISO 27001, NIST, GDPR) Apply ...

Support – Assist with demos, scoping, and proof-of-value activities where required. Core Duties Automation Design & Development Build and maintain workflows across SIEM, EDR, and SOAR platforms Develop reusable scripts, templates, and components Ensure solutions support secure, multi-tenant environments Integration & Response Automation Orchestrate containment, enrichment, and remediation actions Integrate … cloud security, identity, and event-driven automation Strong communication and analytical skills Security clearance (NPPV and/or SC) may be required. Technical Knowledge Security orchestration and automation principles Scripting and integration patterns (APIs, webhooks) SOC detection and response workflows Threat intelligence integration and use case design Cloud and identity ...

and recommend remediation. Implement and maintain AWS security controls aligned to ISO 27001, NIST and cloud security best practices. Proficiency in building/configuring SOAR platforms such as Shuffler and Tracecat. Develop security automation tooling, scripts, and infrastructure as code processes to streamline security operations. Take ownership of security engineering … Integration into DevOps Workflow for UK Within 6 months: Continuous Improvement Initiatives Security Incident Management Integration into DevOps Workflow for EMEA/ANZ Complete SOAR implementation What’s in it for you? We operate a Flexible Working Policy and we would like for you to work from our London ...

management aligned to ITIL best practice Technologies you'll need experience with: Microsoft 365 — Admin, Security, Compliance, Exchange and GDAP Microsoft Sentinel (SIEM/SOAR) and incident triage/response Microsoft 365 Defender — Defender for Endpoint and Defender for Office 365 Microsoft Entra & Intune — Conditional Access, LAPS, Configuration Policies Active ...