1 to 25 of 43 Permanent SOAR Jobs in England

to integrating security across their software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security … with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability … detailed documentation and knowledge transfer for post-contract continuity. Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security More ❯

designing or implementing micro segmentation (e.g., Cisco Titration, Illumio, Guardicore) Background in regulated industries like financial services, healthcare, Resources or government Familiarity with DNS-based threat detection, SIEM/SOAR integration, and cloud security access brokers (CASB) Why Join Us at Accenture in This Role? Leadership in Next-Generation Cybersecurity : As a trusted security partner, Accenture leads the way in More ❯

affected systems, response actions, and improvement recommendations. Produce clear, detailed reports for client delivery. Technical Requirements: Hands-on experience in incident response and investigation using tools such as SIEM, SOAR, and EDR. Proficiency in analysing logs across multiple platforms (Networking, Windows, Mac, Linux, Cloud). Solid understanding of evidence collection and handling procedures. Familiarity with the NIST 800-61 incident More ❯

of security frameworks, such as NIST, ISO 27001, or similar. Excellent communication skills, with the ability to clearly convey technical details to diverse audiences. Previous experience in SIEM/SOAR within large-scale, complex environments. Familiarity with other security tools and technologies. Desirable Skills: Relevant certifications (e.g., CISSP, CEH, Microsoft Certified: Security, Compliance, and Identity Fundamentals) a plus. If you More ❯

record in security operations, incident response, and vulnerability management. - Experience managing enterprise-grade security platforms and working across diverse environments (cloud, hybrid, manufacturing). - Hands-on expertise with EDR, SOAR tooling, and SASE/SSE technologies. - Deep familiarity with frameworks such as NIST, MITRE ATT&CK, and other industry standards. - Strong stakeholder management skills and the ability to influence at More ❯

strategy, including RBAC, least-privilege provisioning, SSO, federation (OIDC/SAML), and privileged-access workflows. Monitoring, Detection & Response - Define audit logging, metrics, and telemetry requirements; integrate with SIEM/SOAR to deliver actionable alerts and playbooks for engineering-led incident response. Threat Modeling & Risk Assessment - Conduct regular architecture and code-level reviews, drive remediation plans, and present risk posture to More ❯

executive leadership. Desired Experience: Proven experience working in or alongside a 24/7 Security Operations Centre . Strong technical exposure to SIEM (ideally Splunk), EDR (CrowdStrike preferred), and SOAR tools. Expertise in incident handling , threat analysis , and digital forensics . Scripting or automation experience (Python, PowerShell, etc.) is highly beneficial. Knowledge of MITRE ATT&CK , NIST CSF , and related More ❯

framework, threat intelligence, and adversary TTPs. Solid understanding of Windows, Linux, and core network security principles. Skilled in incident response, digital forensics, and proactive threat hunting. Experience working with SOAR platforms and building automated workflows. Benefits: View to Extension Salary: Up to £575 Per Day More ❯

met. Ensure the IAM service follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve as an escalation point for issues of non More ❯

Microsoft 365, VPN, and cloud platforms. Deploy and manage IAM automation tools (e.g., IGA platforms) to streamline provisioning and access reviews. Security Engineering Integrate IAM controls with SIEM and SOAR platforms for real-time alerting and forensic investigations. Collaborate with Platform teams to ensure IAM remains embedded into CI/CD pipelines and cloud environments. Governance & Compliance Support audit readiness More ❯

Extensive expertise in threat intelligence, risk management, incident response, compliance (e.g. GDPR, ISO 27001), and security architecture ? Proficiency with tools such as Rapid7 InsightIDR/InsightVM, SentinelOne, Fortinet, Netskope, SOAR automation (Rapid7 InsightConnect), and cloud security (AWS/CNAPP) ? Proven experience leading complex cybersecurity engagements with cross-functional teams ? Strong communication skills, capable of advising senior stakeholders and working collaboratively More ❯

ISO 27001, ISA/IEC 62443, etc). An understanding of cloud-native infrastructure (e.g. microservices, containerisation, Kubernetes, serverless computing). An understanding and/or experience with SIEM, SOAR and EDR. Knowledge and/or understanding of data and analytics in terms of cybersecurity implications. Missing skills? Let us be the judge! BMT are passionate about people; we recognise More ❯

cloud engineering, GRC, and program teams to align internal tooling with evolving compliance needs and operational goals. Qualifications (Text Only) Required Qualifications: - Demonstrated experience deploying automation for security operations (SOAR platforms, script-based playbooks, API integrations). - Experience in security engineering, automation, or software engineering, preferably in cloud-native or regulated environments. - Strong programming/scripting skills (Python preferred) with More ❯

clients Confident producing clear documentation and reporting Desirable Skills: Certifications: Security+, SC-200, CEH, ISO 27001 Lead Implementer, PCIP Penetration testing or red teaming exposure Experience with SIEM/SOAR platforms (e.g., Microsoft Sentinel) Familiarity with MSP toolsets (Autotask, IT Glue, Rewst) or automation experience Personal Attributes: Friendly and professional Excited about tech and thrives on developing understanding of new More ❯

clients Confident producing clear documentation and reporting Desirable Skills: Certifications: Security+, SC-200, CEH, ISO 27001 Lead Implementer, PCIP Penetration testing or red teaming exposure Experience with SIEM/SOAR platforms (e.g., Microsoft Sentinel) Familiarity with MSP toolsets (Autotask, IT Glue, Rewst) or automation experience Personal Attributes: Friendly and professional Excited about tech and thrives on developing understanding of new More ❯

experience leading and managing technical teams. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO/IEC 27001, IAM). Proficiency with cybersecurity tools and platforms (e.g., SIEM, SOAR, SAS, Sandboxes, EDR solutions and cloud technologies). Working of knowledge of access control principles, cloud technologies (CNAPP, CSPM), data retention, and encryption methodologies. Excellent problem-solving, investigative mindset, and More ❯

clients during live cyber incidents, offering reassurance and expert guidance Produce detailed incident reports with root cause analysis and actionable recommendations Perform forensic and log analysis using SIEM, EDR, SOAR, and other security tools Collaborate across teams to enhance response playbooks and internal processes Stay informed on emerging threats and tactics to strengthen response strategies Skills/Must have: Proven More ❯

scripts in Python JavaScript or PowerShell is a plus Experience with security design and architecture, content development, workload automation and use-cases Experienced with technologies such as EDR, SIEM, SOAR, NGFW and their ecosystems Familiarity with cloud technologies, providers (such as GCP, AWS, Azure) Familiarity with attack surface management is a plus Experience in customer-facing roles (internal or external More ❯

architectures based on threat modelling insights. Tooling & Automation Deploy and manage application security tools and integrate them with existing platforms. Automate security tasks using scripting (e.g., Python, PowerShell) or SOAR platforms. Governance & Compliance Ensure alignment with ISO 27001, FCA, and NIST standards. Contribute to audit readiness and support compliance automation platforms such as Drata Collaboration & Training Work with engineering teams More ❯

Technology technical skills, with experience in coordination of technical teams and individual resources Proven ability to design and implement ingestion and transformation pipelines across modern data platforms Experience with SOAR solutions desirable Comfortable working in high pressure environments often outside of working hours throughout the course of an event An understanding of cyber security operations processes, procedures, guidelines and solutions More ❯

responding to threat detection systems, and contribute to projects that strengthen security across the organisation. Key Responsibilities Monitor and respond to security alerts and incidents (EDR, SIEM, Identity Protection, SOAR). Assist in vulnerability scanning and remediation activities. Help manage systems such as email and web security gateways, VPNs, MFA, SSO, and mobile device security. Support the maintenance of security More ❯

with zero-trust security models and endpoint detection and response (EDR). Certifications such as CISSP, CISM, Microsoft Security certifications, or equivalent. Experience integrating device telemetry into SIEM and SOAR platforms. Who You'll Work With Work Environment & Additional Information: Hybrid or on-site work model. Occasional travel for global alignment or vendor engagements. Ability to operate in a fast More ❯

and understanding Windows, macOS, and Linux operating systems. Experience analyzing network and host-based security events. Professional experience using a wide range of investigative tools including EDR, SIEM/SOAR, UBA. Knowledge of networking technologies, specifically TCP/IP and related protocols. Experience with attacker tactics, techniques, and procedures. Experience making important decisions independently and multi-tasking under pressure. Experience More ❯

leader in safeguarding sensitive data and systems. Key Responsibilities/Duties Manage WAF and DDoS systems Manage the Web Security Gateway Manage the Email Security Gateway Manage the SIEM, SOAR, Identity Protection and EDR, and respond to alerts and threats. Carry out vulnerability scans, identify risks, and remediation. Manage the perimeter and VPN firewalls. Manage MFA and SSO. Manage MDM More ❯

leader in safeguarding sensitive data and systems. Key Responsibilities/Duties Manage WAF and DDoS systems Manage the Web Security Gateway Manage the Email Security Gateway Manage the SIEM, SOAR, Identity Protection, EDR, and respond to alerts and threats Carry out vulnerability scans, identify risks, and perform remediation Manage perimeter and VPN firewalls Manage MFA and SSO Manage MDM/ More ❯