1 to 25 of 32 Permanent SOAR Jobs in England

record of team development and cross-functional collaboration Preferred Qualifications Security certifications such as CISSP, GCIH, GCFA, OSCP, or SIEM-specific certifications Experience leading SOC optimization projects and implementing SOAR solutions Background in offensive security (Red Team/Purple Team) is a plus Why Join? Opportunity to lead and build cutting-edge SOC operations Work with top-tier security professionals More ❯

In 2022 we built out an exciting SIEM/SOAR and ManagedDetection and Response service called SEP2.security, built upon Google CloudSecurity's Chronicle stack. Due to customer demand, we are now looking to hire aPrincipal Cyber Security Engineer to join this every growing team. The Security Intelligence Services team, that this role issituated in, provides security monitoring and use case … customer facing situations. Qualifications and Experience Experienceas a Cyber SOC Analyst/or similar role. Provenexperience in deploying SIEM (Security Information and Event Management)and SOAR (Security orchestration, automation, and response) solutions toachieve positive outcomes. Our tools include Google ChronicleSIEM/Siemplify SOAR and LogRhythm, but experience with other platformssuch as Microsoft Sentinel, Splunk, Qradar, or Humio/Logscale is More ❯

Cloud technologies ESSENTIAL Other requirements: Proven experience with Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft Purview in real-world environments. Strong understanding of cloud security architecture, SIEM/SOAR, compliance frameworks (e.g., ISO 27001, NIST, GDPR), and data protection. Familiarity with Azure, Microsoft 365, and hybrid cloud environments. Understanding of security operations, incident response, and threat intelligence. CORE COMPETENCIES More ❯

Sentinel within a critical operational technology (OT) environment. The ideal candidate will possess deep hands-on expertise in Sentinel and a strong background in broader cybersecurity domains, particularly SIEM, SOAR, and Threat Intelligence. This is a technical professional (TP) contract role. Primary Role and Responsibilities: The candidate will serve as the Technical SME for Microsoft Sentinel and is expected to … Language (KQL) for detection rule development and log analysis. Proven experience in Log Source Integration across diverse environments, including OT, network, and endpoint security tools. Strong practical knowledge of Security Orchestration, Automation, and Response (SOAR) , particularly using Azure Logic Apps or similar platforms. If interested, or you know someone that could be, please reach out and we can arrange a More ❯

skills, attention to detail, The ability to execute response actions such as endpoint isolation, IOC blocking, malware scans, and user containment Threat monitoring and detection Threat intelligence and hunting SOAR and automation Skills MS Sentinel/Defender for Endpoint Understanding Mitre Att&ck framework Required 2+ years exp in a SOC environment Experience from MSSP/MSP supporting multiple clients More ❯

/Experience: Strong knowledge in Authentication, Endpoint Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), PKI, DLP, IAM, and SOC technologies such as EDR and SOAR Good knowledge of SIEM tools like Google Chronicle, Splunk ES, or QRadar In-depth familiarity with security policies based on industry standards and best practices Experienced in security operations, incident More ❯

and security architecture. Hands-on experience with: SIEM Rapid7, InsightIDR XDR (SentinelOne preferred) Firewalls (Fortinet preferred) PAM (Delinea preferred) SSE/ZTNA (Netskope preferred) Cloud security/CNAPP SOAR Automation tools (Ansible, Terraform) A track record of leading complex cybersecurity projects. Strong client engagement and stakeholder management skills. Practical knowledge of Agile methodologies and ceremonies. Experience mentoring junior colleagues and More ❯

and security architecture. Hands-on experience with: SIEM Rapid7, InsightIDR XDR (SentinelOne preferred) Firewalls (Fortinet preferred) PAM (Delinea preferred) SSE/ZTNA (Netskope preferred) Cloud security/CNAPP SOAR Automation tools (Ansible, Terraform) A track record of leading complex cybersecurity projects. Strong client engagement and stakeholder management skills. Practical knowledge of Agile methodologies and ceremonies. Experience mentoring junior colleagues and More ❯

and security architecture. Hands-on experience with: SIEM Rapid7, InsightIDR XDR (SentinelOne preferred) Firewalls (Fortinet preferred) PAM (Delinea preferred) SSE/ZTNA (Netskope preferred) Cloud security/CNAPP SOAR Automation tools (Ansible, Terraform) A track record of leading complex cybersecurity projects. Strong client engagement and stakeholder management skills. Practical knowledge of Agile methodologies and ceremonies. Experience mentoring junior colleagues and More ❯

architecture role. Background working with or for a VAR, Systems Integrator, or Security Vendor highly desirable . Technical Expertise Strong understanding of enterprise security technologies, including firewalls, SIEM/SOAR, IAM, DLP, SASE, Zero Trust, and cloud security. Working knowledge of AWS, Azure, and GCP security services. Broad understanding of networking, virtualisation, and enterprise infrastructure. CISSP, CCSP, or equivalent security More ❯

with little guidance The ability to pick up new languages and technologies quickly Experience handling security incidents and investigating anomalies as part of a team Knowledge of EDR, SIEM, SOAR, or related security tools Strong Candidates May Also Have Experience With Experience performing security operations or investigations involving large-scale Kubernetes environments A high level of proficiency in Python and More ❯

scripts in Python JavaScript or PowerShell is a plus Experience with security design and architecture, content development, workload automation and use-cases Experienced with technologies such as EDR, SIEM, SOAR, NGFW and their ecosystems Familiarity with cloud technologies, providers (such as GCP, AWS, Azure) Familiarity with attack surface management is a plus Experience in customer-facing roles (internal or external More ❯

sure our customers are eager to use Torq's solution exponentially. Triaging and Prioritizing reported customers Incidents What We're Looking For 2+ years of hands-on experience with SOAR/Automation technologies or a similar role. 5+ years in customer-facing positions such as post-sales engineering, customer success engineering, or technical services. Proven expertise in security, automation, scripting More ❯

currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting … and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background … SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting … and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background … SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting … and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background … SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting … and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background … SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting … and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background … SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

and custom detections Familiarity with adversary TTPs and the MITRE ATT&CK framework Experience with endpoint forensics, malware analysis, and security event correlation Hands-on experience with SIEM and SOAR platforms Solid understanding of operating system internals (macOS, Windows, Linux) Experience with security in a SaaS environment and working closely with engineering teams Background in using DevOps toolsets and programming More ❯

to detail. Service Architecture: Experience in design, implementation and costing of managed security solutions, preferably in the area of Managed Detection and Response (MDR) and/or SIEM/SOAR/SOC. Network: The candidate has an extensive network in the cybersecurity industry. Willingness to travel: The role requires sporadic travel activities for partner as well as internal appointments. Why More ❯

with zero-trust security models and endpoint detection and response (EDR). Certifications such as CISSP, CISM, Microsoft Security certifications, or equivalent. Experience integrating device telemetry into SIEM and SOAR platforms. Who You'll Work With Work Environment & Additional Information: Hybrid or on-site work model. Occasional travel for global alignment or vendor engagements. Ability to operate in a fast More ❯

through both predictive and reactive analysis, articulating emerging trends to leadership and staff. Use data collected from Cyber Defence tools firewalls, IDS, network traffic, UEBA (User Entity Behaviour Analysis), Security Orchestration and Automated Response (SOAR) etc. to analyse events that occur within the environments. Respond to and correlate alerts from various detective and preventative Cyber Security tools such as Security More ❯

secure storage/access principles. Familiarity with endpoint protection platforms and vulnerability management tools. Experience securing hybrid identity solutions and federated authentication models Understanding of security automation concepts, including security orchestration and response (SOAR) including ability to script or automate repetitive tasks. What do we offer in return? Flexible working patterns as standard, annual salary reviews, company paid private medical More ❯

Role: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure and onboard diverse log sources including Nozomi Networks, firewalls, EDR (e.g., Defender for Endpoint), VMDR … OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics More ❯

Role: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure and onboard diverse log sources including Nozomi Networks, firewalls, EDR (e.g., Defender for Endpoint), VMDR … OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics More ❯