Familiarity with compliance frameworks (ISO 27001, GDPR, SOC 2, NIST). Hands-on experience with EDR tools (CrowdStrike, Defender for Endpoint) and SIEM/SOAR platforms. Basic scripting for automation and reporting using PowerShell or Python. Working knowledge of network security protocols, VPNs, firewalls, and web filtering tools. Understanding of …
have some of the following skills and experience: Experience in Cyber Threat Intelligence. Experience in Threat Hunting. Experience with the Microsoft Sentinel SIEM/SOAR platform. Proficient in writing KQL. Strong understanding of threat intelligence principles and practices. Strong understanding of security risk management. Understanding of threat modelling. Knowledge of …
Monitoring, Incident Response, Detection Engineering, Malware Analysis (Static and Dynamic), Threat Hunting and Threat Intelligence (MITRE ATT&CK), Cloud Security, Penetration Testing, Security Automation (SOAR). It would help if you had experience with the following: SIEM tools (Microsoft Sentinel, Splunk, ELK, Siemplify), Vulnerability Management (Qualys, Nessus, Nexpose), Anti-Malware/ …
Current experience working with a SOC environment. Microsoft Sentinel: Development and tuning of custom analytic rules. Workbook creation and dashboarding. Automation using Playbooks and SOAR integration. Kusto Query Language (KQL): Writing complex, efficient queries for advanced threat hunting and detection. Correlating data across key tables (e.g., SignInLogs, SecurityEvent, OfficeActivity, DeviceEvents …
London (City of London), South East England, United Kingdom
Hays
Center, Azure Sentinel). Experience with security features and configurations. Proven experience of migrating from Cyber Essentials to the Cyber Assessment Framework (CAF). Proven experience implementing SOAR services. Strong knowledge of Windows Server security and Active Directory. Familiarity with security frameworks and standards (e.g., NIST, ISO 27001). Experience with security tools and technologies (e.g. …
with commercial threat intelligence and/or vulnerability tooling and systems, i.e., Recorded Future, Tenable, Panaseer or similar solutions, Threat Intelligence platforms, SIEM and SOAR environments, and the development or implementation of new security tooling and dashboards. Security knowledge and experience: Professional experience in cyber security, specifically threat intelligence, incident …
with technology vendors to optimize security services for peak effectiveness. Research and collaborate internally and externally on open-source solutions. Automate response processes with SOAR and related technologies. Act in a purple team capacity to ensure effectiveness of security systems and controls. Participate in cross-functional security functions to help …
language. PREFERRED QUALIFICATIONS - 5+ years experience working in incident response, security operations, security automation tooling, hunting, or threat intelligence. - Familiarity with malware analysis, forensics, SOAR, SIEM platforms, or detection engineering and hunting. Demonstrable subject matter expertise in any of these domains a plus. - Proficiency across a variety of Operating Systems …
programming or scripting language. PREFERRED QUALIFICATIONS - 3+ years experience working in security response, security automation tooling, or threat intelligence - Familiarity with malware analysis, forensics, SOAR, SIEM platforms, and a variety of Operating Systems (MS Windows, Linux, MacOS) - Experience with Amazon Web Services - Meets/exceeds Amazon's leadership principles requirements …
programming or scripting language. PREFERRED QUALIFICATIONS: 3+ years experience working in security response, security automation tooling, or threat intelligence. Familiarity with malware analysis, forensics, SOAR, SIEM platforms, and a variety of Operating Systems (MS Windows, Linux, MacOS). Experience with Amazon Web Services. Meets/exceeds Amazon's leadership principles requirements …
London, South East England, United Kingdom Hybrid / WFH Options
ZKM Consulting
helping customers get the most out of the platform’s capabilities. If you’ve got solid knowledge of the cyber ecosystem (think SIEM, EDR, SOAR, AD, firewalls, etc.) and a knack for digging into insider threat scenarios, read on. What you’ll be doing: Leading threat detection and response projects …
of automation processes for security monitoring, alerting, and incident response. This includes developing and maintaining playbooks, workflows, and integrations with SOC tools (SIEM, EDR, SOAR). Incident Response & Threat Analysis: Coordinate and assist in the investigation of security incidents, focusing on both cloud and on-premises environments. Perform root cause … role, with a strong emphasis on automation, threat hunting, and cloud security (AWS, Azure). Technical Expertise: Strong understanding of SOC tools (SIEM, EDR, SOAR) and security automation frameworks. Proficiency in Python, SQL, and cloud infrastructure (AWS, Azure). Experience with cloud-native security services (e.g., WAF, IAM, Shield). …
and document, spreadsheet, and presentation software. Experience with detection tuning and creation leveraging various security tools including SIEM, EDR, or NDR tools. Experience with Security Orchestration and Automated Response (SOAR) platforms. Preferred qualifications: Experience with Search Processing Language (SPL), Kusto Query Language (KQL), YARA-L or similar SIEM query languages. … Security Operations Center (SOC) to maintain effective incident detection and response capabilities. You will be developing and supporting automation playbooks within a client's Security Orchestration and Automated Response (SOAR) platform. You will work as a member of a technical team in a rapidly changing environment, administer a variety of … fidelity through metrics creation, tracking, responding to tuning requests, implementing incident-specific detection logic, etc. Support development of automations and orchestration playbooks in client SOAR platforms. Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the …
London, South East England, United Kingdom Hybrid / WFH Options
Intaso
OT monitoring solutions. Build OT-specific detection and response capabilities, including custom playbooks. Technology Implementation: Oversee global deployment of SIEM (e.g., Splunk, Graylog, Wazuh), SOAR, EDR, and Threat Intel platforms. Vendor & Team Management: Act as the primary contact for the outsourced SOC provider; manage SLAs and vendor performance. Build and … NIST, ISO, GDPR). Stay ahead of evolving cyber threats and trends. Ideal Candidate: Strong Linux and open-source experience. Technical expertise with SIEM, SOAR, EDR, and OT protocols. Familiar with SCADA/ICS environments and the MITRE ATT&CK framework. Skilled in incident response, threat hunting, SLA management, and executive …
the integration and utilization of these key security tools. Responsibilities include designing and optimizing SIEM rules for superior threat detection and incident management, deploying SOAR tools for automated security responses, and ensuring robust API security. The engineer will oversee the performance and security posture of our platforms, customize client reports … XDR products. Strong background in SIEM rule design and optimization. Extensive experience in implementing and overseeing Endpoint Detection and Response (EDR) solutions. Experience with SOAR tools and automated security response implementations. Familiarity with API security protocols and measures. Ability to analyze large amounts of data from various sources to solve …
Company Description: About Us. McDonald's has run its business in the UK since 1974 and currently operates over 1500 restaurants across the UK and Ireland, serving almost four million customers each day. McDonald's is one of the UK …
technical challenges and proposing solutions or get-well plans. • Learns constantly about the Fortinet technology and products being deployed as part of the Fortinet SOAR solution. • Provides technical guidance or recommendations to engineers or consultants in charge of the delivery. • Performs risk management to minimize project risks. • Creates and maintains … • Experience with SOC or NOC environments. A good understanding of SOC deployment or operation and/or typical SOC solutions or technologies (e.g. SOAR, SIEM, orchestration and automation, threat intelligence, incident response) would be a plus. • Proven ability to handle technical escalations, working closely with both technical and business …