1 to 25 of 31 Contract SOAR Jobs in the UK

Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES or QRadar In-depth familiarity with security policies based on industry standards and best practices Experienced within the information security More ❯

critical services and 72+ services proactively monitored by our in-house SOC (Security Operations Centre). Essential Criteria for the Role 2+ years in security platforms management (SIEM, SOAR). Expertise in enterprise-level monitoring and supporting large user bases (10,000+ users). Experience in creating/managing security playbooks and knowledge of public sector standards. Experience in Xsiam More ❯

in-house SOC (Security Operations Centre). Please note that this role requires a current SC Clearance Essential Criteria for the Role 2+ years in security platforms management (SIEM, SOAR). Expertise in enterprise-level monitoring and supporting large user bases (10,000+ users). Experience in creating/managing security playbooks and knowledge of public sector standards. Experience in More ❯

cybersecurity threats and trends. Familiarity with NCSC CAF, ONR SyAPs, and ISO27001 frameworks. Nice to have: Experience in complex, regulated environments, especially Critical National Infrastructure (CNI). Awareness of SOAR platforms and automation in incident response. Immediate availability If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call More ❯

cybersecurity threats and trends. Familiarity with NCSC CAF, ONR SyAPs, and ISO27001 frameworks. Nice to have: Experience in complex, regulated environments, especially Critical National Infrastructure (CNI). Awareness of SOAR platforms and automation in incident response. Immediate availability If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call More ❯

cybersecurity threats and trends. Familiarity with NCSC CAF, ONR SyAPs, and ISO27001 frameworks. Nice to have: Experience in complex, regulated environments, especially Critical National Infrastructure (CNI). Awareness of SOAR platforms and automation in incident response. Immediate availability If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call More ❯

cybersecurity threats and trends. Familiarity with NCSC CAF, ONR SyAPs, and ISO27001 frameworks. Nice to have: Experience in complex, regulated environments, especially Critical National Infrastructure (CNI). Awareness of SOAR platforms and automation in incident response. Immediate availability If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call More ❯

currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting … and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background … SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting … and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background … SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security ecosystem. Key Responsibilities of the Security Engineer Monitor, investigate, and respond … security alerts and incidents in Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Beneficial Experience Exposure to Operational Technology More ❯

currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting … and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background … SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting … and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background … SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security ecosystem. Key Responsibilities of the SOC Analyst Monitor, investigate, and respond … security alerts and incidents in Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Beneficial Experience Exposure to Operational Technology More ❯

Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft's security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would … security alerts and incidents in Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU More ❯

Active eDV REQUIRED Key Responsibilities Lead the design, configuration, and delivery of SIEM, SOAR, and XDR platforms (e.g., Microsoft Sentinel, IBM QRadar, CrowdStrike Falcon). Architect and deploy cloud security solutions across Azure and AWS environments. Manage and optimise vulnerability management tools (e.g., Tenable.SC, Rapid7, Qualys). Support the development and operation of Cyber Security Operations Centres (CSOCs) . Conduct … functional teams to resolve security issues. Essential Skills & Experience Proven experience (10+ years) in Cyber Security Engineering, Architecture, or Operations . Strong background in Microsoft Security Stack (Sentinel, Defender, SOAR). Hands-on experience with CrowdStrike XDR , Tenable , Rapid7 , Qualys , and ForcePoint . Deep understanding of Cisco, Check Point, and Juniper network security. Expertise in cloud security (Azure & AWS) . More ❯

Active eDV REQUIRED Key Responsibilities Lead the design, configuration, and delivery of SIEM, SOAR, and XDR platforms (eg, Microsoft Sentinel, IBM QRadar, CrowdStrike Falcon). Architect and deploy cloud security solutions across Azure and AWS environments. Manage and optimise vulnerability management tools (eg, Tenable.SC, Rapid7, Qualys). Support the development and operation of Cyber Security Operations Centres (CSOCs) . Conduct … functional teams to resolve security issues. Essential Skills & Experience Proven experience (10+ years) in Cyber Security Engineering, Architecture, or Operations . Strong background in Microsoft Security Stack (Sentinel, Defender, SOAR). Hands-on experience with CrowdStrike XDR , Tenable , Rapid7 , Qualys , and ForcePoint . Deep understanding of Cisco, Check Point, and Juniper network security. Expertise in cloud security (Azure & AWS) . More ❯

IR35 - Due to the service of the role, it will now be based on an Umbrella solution. Essential skills/experience required: 2+ years in security platform management ( SIEM, SOAR ). Expertise in enterprise-level monitoring and supporting large user bases (10,000+ users). Experience in creating/managing security playbooks and knowledge of public sector standards. Experience in … recruitment process or if there is a better way for us to communicate, please do let us know. Cyber, Security, Cybersecurity, Infosecurity, InfoSec, SIEM, Security Information Event Management, SOAR, Security Orchestration Automation Response, XSIAM, Extended Security Intelligence Automation Management, Security Check, Sc Level, Sc Cleared, Sc Clearance, Security Cleared, Security Clearance, Security Vetting Clearance, Active SC, SC Vetted, Cleared To More ❯

IR35 - Due to the service of the role, it will now be based on an Umbrella solution. Essential skills/experience required: 2+ years in security platform management ( SIEM, SOAR ). Expertise in enterprise-level monitoring and supporting large user bases (10,000+ users). Experience in creating/managing security playbooks and knowledge of public sector standards. Experience in … recruitment process or if there is a better way for us to communicate, please do let us know. Cyber, Security, Cybersecurity, Infosecurity, InfoSec, SIEM, Security Information Event Management, SOAR, Security Orchestration Automation Response, XSIAM, Extended Security Intelligence Automation Management, Security Check, Sc Level, Sc Cleared, Sc Clearance, Security Cleared, Security Clearance, Security Vetting Clearance, Active SC, SC Vetted, Cleared To More ❯

update you accordingly. Location: 10 South Colonnade, Canary Wharf, E14 4PU - On site negotiable as short term. Essential Criteria for the Role 2+ years in security platforms management (SIEM, SOAR).Expertise in enterprise-level monitoring and supporting large user bases (10,000+ users).Experience in creating/managing security playbooks and knowledge of public sector standards.Experience in Xsiam correlation/ More ❯

Response: Improve playbooks and processes, lead escalated security incidents, oversee remediation and recovery actions, track incidents, liaise with partners, report findings, and apply root cause analysis with lessons learned. SOAR Development: Support and develop the SOAR platform by producing workflows to automate responses to common attack types and enhance operational playbooks. Digital Forensics: Use forensic tools and techniques to analyse … log correlation, analysis, forensics, and chain of custody requirements. Familiarity with regulatory frameworks (NCSC CAF, ISO/IEC 27001/27002, GDPR, CIS, NIST). Practical knowledge of SIEM, SOAR, EDR, AV, IDS/IPS, NAC, AD, DLP, web/email filtering, behavioural analytics, TCP/IP and OT protocols, and security applications. Understanding of adversarial TTPs and frameworks such … as MITRE ATT&CK. Experience with SIEM and SOAR solutions, IAM, and DLP tools (e.g. FortiSIEM, Q-Radar, Microsoft Secure Gateway, Darktrace, Microsoft Defender, Sentinel). Experience developing incident response playbooks, SOAR workflows, red-team exercises, and tabletop simulations. Experience in investigating advanced intrusions, such as targeted ransomware or state-sponsored attacks. Summary: My client are looking for an experienced More ❯

Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR platform, creating automated workflows and improving response efficiency. Perform digital forensics investigations, analysing logs, network data, and system artefacts to determine root causes. Participate in cyber crisis simulation exercises and … related discipline, or equivalent professional experience. Industry-recognised certifications such as CISSP, GIAC/GCIA/GCIH, AZ-500, CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS/IPS, NAC, DLP, and related security technologies. Familiarity with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO/IEC 27001/27002. Hands-on experience More ❯

Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR platform, creating automated workflows and improving response efficiency. Perform digital forensics investigations, analysing logs, network data, and system artefacts to determine root causes. Participate in cyber crisis simulation exercises and … related discipline, or equivalent professional experience. Industry-recognised certifications such as CISSP, GIAC/GCIA/GCIH, AZ-500, CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS/IPS, NAC, DLP, and related security technologies. Familiarity with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO/IEC 27001/27002. Hands-on experience More ❯

of the MITRE ATT&CK framework. - Good knowledge of enterprise computing technologies. Skills: - Understanding of enterprise networking and computing - Knowledge of Python 3 programming language - Demonstrable experience in using SOAR tooling and its application - Application of data science against large datasets involving unstructured data and designing data models - Knowledge of using SIEM platforms to identify suspected security events and creating … content to enhance the platform - Knowledge of custom API's to leverage the SOAR's functionality - Ability to communicate to other stakeholders across the business - Technical documentation creation - Mentoring junior members of the team - The ability to obtain UK Government security clearance to SC - Relevant industry and vendor qualifications such as CISSP, CISM, CompTIA security+ - Cyber security framework knowledge such More ❯

of the MITRE ATT&CK framework. - Good knowledge of enterprise computing technologies. Skills: - Understanding of enterprise networking and computing - Knowledge of Python 3 programming language - Demonstrable experience in using SOAR tooling and its application - Application of data science against large datasets involving unstructured data and designing data models - Knowledge of using SIEM platforms to identify suspected security events and creating … content to enhance the platform - Knowledge of custom API's to leverage the SOAR's functionality - Ability to communicate to other stakeholders across the business - Technical documentation creation - Mentoring junior members of the team - The ability to obtain UK Government security clearance to SC - Relevant industry and vendor qualifications such as CISSP, CISM, CompTIA security+ - Cyber security framework knowledge such More ❯

We are currently recruiting for a Senior Security Engineer with experience in SIEM/SOAR that is eager to join UK GOV department - SC Cleared envionmen t for a short term contract until end of the year 2025 About the role: Work in the Monitoring and Integration Platform Team and deliver against the initial phase of the security monitoring project … onboarding several critical services that are proactively monitored by the in-house SOC (Security Operations Centre). Essential Experience: 2+ years in security platforms management (SIEM, SOAR). Enterprise-level monitoring and supporting large user bases (10,000+ users). Create/manage security playbooks and knowledge of public sector standards. Experience in Xsiam correlation/playbooks and Cortex XDR More ❯