22 of 22 Contract SOAR Jobs in the UK

cases aligned with threat models and operational requirements. Hands-on experience with security automation and orchestration, including scripting in Python, PowerShell, or using SOAR platforms to streamline response workflows. Solid understanding of threat modelling frameworks and practical application of threat hunting methodologies to proactively identify malicious activity. What happens ...

Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies ...

Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies ...

storage. * Ability to produce HLDs and LLDs with clarity and precision. * Excellent communication and stakeholder engagement skills. * Involved with integrating SentinelOne with SIEM/SOAR platforms (eg, Splunk) and deployment to Windows and RHEL endpoints. Preferred Qualifications: * SentinelOne certifications (eg, SentinelOne Certified Architect or equivalent). * Scripting knowledge (eg, PowerShell ...

storage. Ability to produce HLDs and LLDs with clarity and precision. Excellent communication and stakeholder engagement skills. Involved with integrating SentinelOne with SIEM/SOAR platforms (eg, Splunk) and deployment to Windows and RHEL endpoints. Preferred Qualifications: SentinelOne certifications (eg, SentinelOne Certified Architect or equivalent). Scripting knowledge (eg, PowerShell ...

storage. Ability to produce HLDs and LLDs with clarity and precision. Excellent communication and stakeholder engagement skills. Involved with integrating SentinelOne with SIEM/SOAR platforms (eg, Splunk) and deployment to Windows and RHEL endpoints. Preferred Qualifications: SentinelOne certifications (eg, SentinelOne Certified Architect or equivalent). Scripting knowledge (eg, PowerShell ...

storage. * Ability to produce HLDs and LLDs with clarity and precision. * Excellent communication and stakeholder engagement skills. * Involved with integrating SentinelOne with SIEM/SOAR platforms (e.g., Splunk) and deployment to Windows and RHEL endpoints. Preferred Qualifications: * SentinelOne certifications (e.g., SentinelOne Certified Architect or equivalent). * Scripting knowledge (e.g., PowerShell ...

Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies Note, shift patterns applicable. (The shift pattern rotates each cycle - it may start with lates -> Nights -> earlies and ...

other members of the team to protect BAE Systems against cyber threats. Lead in the identification and the creation, maintenance and troubleshooting of SOAR playbooks, automations and enrichments. Apply critical thinking to solve unique problems in the information security space. Enhancing the processes around interacting with large datasets to construct ...

SIEM and build use cases to detect anomalous activity. Incident Response: Lead high-severity incidents, improve playbooks and manage remediation, communication and reporting. SOAR: Develop automated workflows to streamline detection, enrichment and response. Forensics: Perform forensic analysis across multiple data sources and recommend containment and eradication actions. Crisis Testing: Take ...

SIEM and build use cases to detect anomalous activity. Incident Response: Lead high-severity incidents, improve playbooks and manage remediation, communication and reporting. SOAR: Develop automated workflows to streamline detection, enrichment and response. Forensics: Perform forensic analysis across multiple data sources and recommend containment and eradication actions. Crisis Testing: Take ...

SIEM engineering. Strong understanding of security logs across domains (identity, network, system, data, cloud). Proficient in PowerShell and Python. Good knowledge of SOAR platforms. Leadership and stakeholder management skills ...

Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft s security ecosystem. Experience with Tenable is beneficial … Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply ...

Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security ecosystem. Experience with Tenable is beneficial … Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply ...

define and measure control effectiveness Required Skills & Experience Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP Experience with SOAR playbooks, YARA rules, STIX, and YAML Participation in red/purple team exercises. Please apply within for further details - Alex Reeder Harvey Nash 3+ years … Proxy, and SEG tools Desirable Qualifications Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP Experience with SOAR playbooks, YARA rules, STIX, and YAML Participation in red/purple team exercises. Please apply within for further details - Alex Reeder Harvey Nash To From Record ...

define and measure control effectiveness Required Skills & Experience Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP Experience with SOAR playbooks, YARA rules, STIX, and YAML Participation in red/purple team exercises. Please apply within for further details - Alex Reeder Harvey Nash 3+ years … Proxy, and SEG tools Desirable Qualifications Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP Experience with SOAR playbooks, YARA rules, STIX, and YAML Participation in red/purple team exercises. Please apply within for further details - Alex Reeder Harvey Nash To From Record ...

building detections, integrations, and automation, and shaping the SOC technology roadmap. Key Requirements: Deep hands-on expertise with Microsoft Sentinel (KQL, analytic rules, UEBA, SOAR). Proven experience migrating from LogRhythm or another legacy SIEM to Sentinel. Strong experience building and tuning detections mapped to MITRE ATT&CK. Experience migrating ...

providing support to other members of the team to protect against cyber threats. Lead in the identification and the creation, maintenance and troubleshooting of SOAR playbooks, automations and enrichments. Apply critical thinking to solve unique problems in the information security space. Enhancing the processes around interacting with large datasets ...

identity and access, network, system, data, application, cloud and multiple product types. Proficiency in data analysis and scripting languages (e.g., PowerShell, Python). Strong Security Orchestration, Automation and Response (SOAR) knowledge. Team leadership experience with great collaboration and stakeholder management skills ...

lead escalated security incidents, oversee remediation and recovery actions, track incidents, liaise with partners, report findings, and apply root cause analysis with lessons learned. SOAR Development: Support and develop the SOAR platform by producing workflows to automate responses to common attack types and enhance operational playbooks. Digital Forensics: Use forensic … chain of custody requirements. Familiarity with regulatory frameworks (NCSC CAF, ISO/IEC 27001/27002, GDPR, CIS, NIST). Practical knowledge of SIEM, SOAR, EDR, AV, IDS/IPS, NAC, AD, DLP, web/email filtering, behavioural analytics, TCP/IP and OT protocols, and security applications. Understanding ...

and develop analytic rules. Design and maintain detection rulesets, scope, plan, and track log integrations. Develop automation for alert triage and incident remediation through SOAR tools. Collaborate with Threat Detection & Response teams to ensure the SIEM platform aligns with security monitoring requirements. Participate in infrastructure projects and security tool integrations. … multiple domains (identity, access, network, systems, cloud, and applications). Proficiency in Python and/or PowerShell for data analysis and automation. Experience with SOAR platforms and security automation workflows. Excellent problem-solving, stakeholder management, and collaboration skills. Team leadership or mentoring experience is highly desirable. Preferred Technologies/Tools ...

leading the build, configuration, and integration across a vast environment. Your expertise will be crucial in defining security requirements, integrating with SIEM/SOAR platforms like Splunk, and ensuring successful deployment to Windows and RHEL endpoints. SentinelOne Architect/SME Essential Skills: Proven experience designing and deploying SentinelOne specifically within … produce high-quality HLDs and LLDs Hands-on experience with on-premises infrastructure, including virtualisation, networking, and storage Experience integrating SentinelOne with SIEM/SOAR solutions Experience deploying to both Windows and RHEL endpoints Eligibility for SC Security Clearance To be considered: Please either apply through this advert or emailing ...