1 to 25 of 30 Permanent SOAR Jobs in the UK

inform detection strategies. Maintain detailed incident records and conduct post-incident reviews. Technical Skills Hands-on experience with SIEM, EDR, IDS/IPS, and SOAR platforms. Strong knowledge of operating systems (Windows, Linux), network protocols, and packet analysis tools. Familiarity with scripting languages (Python, Bash, PowerShell). Experience with cloud ...

knowledge across common Incident Response and Security Monitoring applications such as SIEM (e.g., Qradar, Splunk), EDR (e.g., FireEye HX, CrowdStrike Falcon, Microsoft Defender), and SOAR (Palo Alto XSOAR, Google Secops/Chronicle) Desire to build technical skills and hands-on knowledge in the following areas of security operations and incident ...

and remediation actions in coordination with senior engineers and incident response leads. Develop and refine detection content, queries and automated workflows within SIEM/SOAR tooling. Provide customers with clear incident summaries, technical explanations and remediation guidance. Identify emerging threats and document relevant tactics, techniques, and procedures. Support structured threat ...

identify trends, and deliver actionable security insights. Strong track record in threat detection, incident management, and escalation handling. Hands-on experience managing SIEM and SOAR platforms such as Splunk, Microsoft Sentinel, or Elastic. Skilled in coaching analysts, building high-performing teams, and managing effective shift models. Confident communicator with ...

define and report meaningful security metrics to demonstrate risk reduction and operational performance. · Knowledge of automation techniques for repetitive security tasks (e.g., using SOAR tools or scripting). · Knowledge of threat intelligence and proactive threat hunting. Desirable · Familiarity with cloud security operations (Azure and AWS). · Understanding of compliance requirements ...

need from you? Deep expertise in securing cloud platforms (AWS, Azure, GCP) with a focus on financial services Proven experience with tools like SIEM, SOAR, IDS/IPS, and cloud-native security solutions Strong understanding of encryption protocols, key management systems, and IAM best practices Hands-on experience with container ...

ServiceNow SecOps modules - including Security Incident Response , Vulnerability Response , Threat Intelligence , and Configuration Compliance . Lead integration of ServiceNow with key cybersecurity tools - SIEM , SOAR , EDR , CMDB , Threat Intelligence platforms , and OT/ICS systems . Collaborate across cybersecurity, IT, engineering, and energy operations to define secure workflows and automation ...

. • Experience implementing zero-trust architectures and identity-driven security models. • Knowledge of monitoring platforms such as Azure Monitor, Sentinel, or enterprise SIEM/SOAR tools. • Experience with backup, DR, and business continuity solutions. • Certification in Microsoft, Azure, or ITIL. Personal Attributes • Clear communicator with the ability to translate technical ...

follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve as an escalation ...

technologies (SailPoint, Okta, Azure AD, CyberArk, Ping Identity), DLP platforms (Symantec, Microsoft Purview, Forcepoint, Digital Guardian), and security engineering tools (EDR, CSPM, SIEM, SOAR, vulnerability management). Strong knowledge of Zero Trust, data protection regulations (GDPR, FCA, PRA), cloud-native security, and DevSecOps practices. Exceptional leadership, communication, and stakeholder engagement ...

Update and maintain incident response plans, playbooks, and procedures - Provide 3rd-line support to IT colleagues and the wider business Technical Skills: - SIEM and SOAR platforms - Log analytics, rule creation, tuning, and threat hunting - Familiarity with security frameworks - Azure and M365 security configuration and alert investigation - Dashboards and visualisation tools ...

audits- Update and maintain incident response plans, playbooks, and procedures- Provide 3rd-line support to IT colleagues and the wider businessTechnical Skills:- SIEM and SOAR platforms- Log analytics, rule creation, tuning, and threat hunting- Familiarity with security frameworks- Azure and M365 security configuration and alert investigation- Dashboards and visualisation tools ...

equivalent Strong experience securing Microsoft cloud environments (Azure) design, deployment, configuration and management Broad knowledge of infrastructure and security solutions, including SIEM/SOAR Proven track record designing end-to-end solutions with security embedded across network, infrastructure, access, cloud services, controls and SecOps Experience addressing cloud-specific security challenges ...

equivalent Strong experience securing Microsoft cloud environments (Azure) - design, deployment, configuration and management Broad knowledge of infrastructure and security solutions, including SIEM/SOAR Proven track record designing end-to-end solutions with security Embedded across network, infrastructure, access, cloud services, controls and SecOps Experience addressing cloud-specific security challenges ...

and Terraform Technologies AWS, GCP, Azure and private Data Centers Kubernetes, Helm, Flux Distributed systems, mostly Golang based with CockroachDB and NATS SIEM/SOAR, EDR, CNAPP, and a suite of open source tools with custom integrations This is a fully remote role, please email your CV to apply ...

needs, for which you will be additionally compensated. Who You Are Keen interest in security and want to develop Experience in SIEM or SOAR Knowledge of the MITRE ATT&CK Framework or common attack and response methods Previous experience with incident response in a fast-paced environment Knowledge of Cloud ...

needs, for which you will be additionally compensated. Who You Are Keen interest in security and want to develop Experience in SIEM or SOAR Knowledge of the MITRE ATT&CK Framework or common attack and response methods Previous experience with incident response in a fast-paced environment Knowledge of Cloud ...

needs, for which you will be additionally compensated. Who You Are Keen interest in security and want to develop Experience in SIEM or SOAR Knowledge of the MITRE ATT&CK Framework or common attack and response methods Previous experience with incident response in a fast-paced environment Knowledge of Cloud ...

needs, for which you will be additionally compensated. Who You Are Keen interest in security and want to develop Experience in SIEM or SOAR Knowledge of the MITRE ATT&CK Framework or common attack and response methods Previous experience with incident response in a fast-paced environment Knowledge of Cloud ...

deal velocity Microsoft Security Knowledge: Hands-on experience with Microsoft Sentinel, Defender for Cloud and Purview Strong understanding of cloud security architecture, SIEM/SOAR and compliance frameworks (ISO 27001, NIST, GDPR) Familiarity with Azure, Microsoft 365 and hybrid environments Microsoft certifications: SC-900 essential; SC-100 and ...

CSPM, and CWP. Automation & Integration : Using Sentinel Graph, Microsoft Graph Security API, playbooks, Logic Apps, Power Automate. Threat Management : SIEM for detection, response, hunting; SOAR workflow design; KQL queries, custom rules, UEBA. Identity & Access Security : Entra ID, Conditional Access, Identity Protection, PIM. Email Security : Microsoft Defender for O365, Darktrace … detection and response. Understanding of compliance standards (ISO 27001, NIST CSF, GDPR, SOC 2). Familiarity with third-party integrations (e.g., Threat Intelligence Platforms, SOAR tools, Security APIs). Certifications (Preferred): Microsoft SC-100, AZ-500, SC-200, SC-300. CISSP, CCSP. Benefits - GB: Enjoy a benefits package designed ...

Microsoft Security (Defender, Sentinel, Purview, Entra) and integrate Qualys vulnerability management for continuous threat detection and remediation. Automate & Innovate: Lead the charge on automation (SOAR, IaC, workflow automation) and embed Gen AI into security operations, threat intelligence, and reporting. Set Standards: Develop and enforce security architecture standards, governance, and best … would also be of interest: Certifications in automation/cloud (Azure Solutions Architect, Terraform, GIAC), vulnerability management (Qualys, ISO 27001, NIST). Experience with SOAR, SIEM, XDR, and cloud-native security (especially Azure). Pre-sales or solution architecture exposure. What can we offer you? Through ...

identity and access, network, system, data, application, cloud and multiple product types. Proficiency in data analysis and scripting languages (e.g., PowerShell, Python). Strong Security Orchestration, Automation and Response (SOAR) knowledge. Team leadership experience with great collaboration and stakeholder management skills JBRP1_UKTJ ...

enriching detection and response activities and informing risk and compliance stakeholders. Technical Architecture & Integration * Design and implement a continuous monitoring reference architecture, leveraging SIEM, SOAR, UEBA, and threat intelligence. * Establish enterprise logging standards covering log coverage, retention, encryption, access, and integrity requirements. * Drive automation of monitoring workflows and correlation logic … least 5 years in security monitoring, SOC leadership, or equivalent detection & response functions. * Proven track record of building or maturing monitoring capabilities (SIEM, SOAR, telemetry pipelines, UEBA, threat intel integration). * Knowledge of log ingestion, normalization, correlation, and enrichment processes. * Familiarity with leading monitoring technologies: Splunk, DataDog, Microsoft Defender, CrowdStrike ...

Operations Centre (SOC). This role is perfect for someone who thrives on solving complex technical challenges, enjoys working with tools like Splunk and SOAR, and wants to contribute to a mission that truly matters. Salary : Circa £50,000 – £60,000 depending on experience Dynamic (hybrid) working :2 days … subject matter expert (SME) for Splunk across all cyber security and observability use cases. Lead SOC automation initiatives using scripting and SOAR tools, optimising processes through AI and ML technologies. Support alert tuning, connectivity, and visibility across monitored networks and infrastructure. Maintain and document SOC integrations, ensuring accurate configuration and ...