1 to 25 of 76 Permanent SOAR Jobs in the UK

and attack preparedness. Manage and maintain the suite of Cyber Security tools and platforms to enable effective prevention and detection of cyber threats. Drive security orchestration, automation, and response (SOAR) solutions for systems and operational playbooks to enable efficient discovery of security events and response actions. Produce relevant and accurate … CAF) and ISA/IEC 62443, ISO/IEC 27001/27002, GDPR. Working knowledge of security technologies including but not limited to SIEM, SOAR, EDR, AV, IDS/IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics. Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry … standard frameworks (Mitre ATT&CK). Practical experience of incident response governance (lifecycles, frameworks, incident handling, etc.) and developing incident response playbooks/processes, Security Orchestration, Automation and Response (SOAR), running red-team exercises and tabletop crisis war games. Working knowledge of SIEM and SOAR solutions, Identity and Access Management More ❯

and attack preparedness. Manage and maintain the suite of Cyber Security tools and platforms to enable effective prevention and detection of cyber threats. Drive security orchestration, automation, and response (SOAR) solutions for systems and operational playbooks to enable efficient discovery of security events and response actions. Produce relevant and accurate … CAF) and ISA/IEC 62443, ISO/IEC 27001/27002, GDPR. Working knowledge of security technologies including but not limited to SIEM, SOAR, EDR, AV, IDS/IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics. Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry … standard frameworks (Mitre ATT&CK). Practical experience of incident response governance (lifecycles, frameworks, incident handling, etc.) and developing incident response playbooks/processes, Security Orchestration, Automation and Response (SOAR), running red-team exercises and tabletop crisis war games. Working knowledge of SIEM and SOAR solutions, Identity and Access Management More ❯

software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall … stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration … for post-contract continuity. Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience More ❯

or mentoring capacity. Collaborate with internal and client teams to enhance SOC services and align with evolving threat landscapes. Develop automated response workflows for SOAR platforms targeting common attack vectors. Drive continuous improvement by refining detection use cases and enhancing SOC processes. Technical Skills & Experience: Hands-on experience with SIEM More ❯

or mentoring capacity. Collaborate with internal and client teams to enhance SOC services and align with evolving threat landscapes. Develop automated response workflows for SOAR platforms targeting common attack vectors. Drive continuous improvement by refining detection use cases and enhancing SOC processes. Technical Skills & Experience: Hands-on experience with SIEM More ❯

protocols, threat actors, and attack vectors. Ability to analyse complex data and deliver actionable insights. Familiarity with scripting (Python or similar) and security automation (SOAR). Understanding of threat intelligence and its operational use. Desirable Skills: Experience in software engineering or penetration testing. Exposure to Splunk ES and development of More ❯

protocols, threat actors, and attack vectors. Ability to analyse complex data and deliver actionable insights. Familiarity with scripting (Python or similar) and security automation (SOAR). Understanding of threat intelligence and its operational use. Desirable Skills: Experience in software engineering or penetration testing. Exposure to Splunk ES and development of More ❯

or mentoring capacity. Collaborate with internal and client teams to enhance SOC services and align with evolving threat landscapes. Develop automated response workflows for SOAR platforms targeting common attack vectors. Drive continuous improvement by refining detection use cases and enhancing SOC processes. Technical Skills & Experience: Hands-on experience with SIEM More ❯

You’ll Bring 5+ years in cybersecurity operations, with at least 2 years in a leadership role Strong hands-on knowledge of SIEM, EDR, SOAR, IDS/IPS, firewalls, and cloud security Deep understanding of MITRE ATT&CK, NIST, ISO 27001, CIS frameworks Proven experience in incident response, threat intelligence More ❯

You’ll Bring 5+ years in cybersecurity operations, with at least 2 years in a leadership role Strong hands-on knowledge of SIEM, EDR, SOAR, IDS/IPS, firewalls, and cloud security Deep understanding of MITRE ATT&CK, NIST, ISO 27001, CIS frameworks Proven experience in incident response, threat intelligence More ❯

management and threat protection Security automation and DevSecOps integration Security Operations SOC transformation and cloud-native security ops Threat detection with XDR, NDR, and SOAR platforms Incident response planning and threat intelligence integration Regulatory alignment for DORA, NIS2, and UK-specific mandates Risk frameworks tailored by industry (FS, critical infrastructure More ❯

Familiarity with compliance frameworks (ISO 27001, GDPR, SOC 2, NIST). Hands-on experience with EDR tools (CrowdStrike, Defender for Endpoint) and SIEM/SOAR platforms. Basic scripting for automation and reporting using PowerShell or Python. Working knowledge of network security protocols, VPNs, firewalls, and web filtering tools. Understanding of More ❯

one programming or scripting language (e.g., Python, Go, Bash) for security automation or analysis. Experience with container security monitoring (Docker, Kubernetes). Experience with SOAR platforms. Knowledge of digital forensics and incident response procedures. Understanding of malware analysis techniques. It would be great if you have one or more of More ❯

experience Good knowledge covering several of the following examples (this list is not exhaustive): AD, Cryptography, End User Computing, IAM, PKI, Server hardening, SIEM, SOAR, virtualisation (VMware) Participate in pre-sales tasks and perform ongoing support of delivery collateral. Familiarity with MITRE ATT&CK Familiarity with ITIL Who we are More ❯

Strong understanding of network security principles, protocols, and technologies (firewalls, IDS/IPS, SIEM, etc.). Experience with security tools such as SIEM/SOAR platforms, endpoint detection and response (EDR) solutions, vulnerability management, detection and response/remediation (VMDR) solutions and threat intelligence platforms. Knowledge of security standards and More ❯

have some of the following skills and experience: Experience in Cyber Threat Intelligence Experience in Threat Hunting Experience with the Microsoft Sentinel SIEM/SOAR platform Proficient in writing KQL Strong understanding of threat intelligence principles and practices. Strong understanding of security risk management Understanding of threat modelling Knowledge of More ❯

Monitoring Incident Response Detection Engineering Malware Analysis (Static and Dynamic) Threat Hunting and Threat Intelligence (MITRE ATT&CK) Cloud Security Penetration Testing Security Automation (SOAR) It would help if you had experience with the following: SIEM tools (Microsoft Sentinel, Splunk, ELK, Siemplify) Vulnerability Management (Qualys, Nessus, Nexpose) Anti-Malware/ More ❯

Looking For 5+ years’ experience in a SOC or cybersecurity operations role, including 2+ years in a leadership position . Strong understanding of SIEM, SOAR, EDR, IDS/IPS, and firewall technologies. Experience in incident response, threat intelligence, and forensic analysis . Proficiency in security frameworks like MITRE ATT&CK More ❯

Looking For 5+ years’ experience in a SOC or cybersecurity operations role, including 2+ years in a leadership position . Strong understanding of SIEM, SOAR, EDR, IDS/IPS, and firewall technologies. Experience in incident response, threat intelligence, and forensic analysis . Proficiency in security frameworks like MITRE ATT&CK More ❯

engineering, security operations, or cloud security. Strong knowledge of Azure security controls, IAM, and cloud-native security services. Experience with endpoint security, SIEM/SOAR, network security, and automation tools. Familiarity with scripting (Python, PowerShell) and infrastructure-as-code (Terraform, Ansible). Deep understanding of vulnerability management, penetration testing, and More ❯

scripting languages (e.g. Python, Bash) Experience with a modern programming language (e.g. Go, TypeScript) Good knowledge of Security tooling, frameworks and approaches (e.g. SIEM, SOAR, IPS/IDS, NIST, Vulnerability Management) Capable of implementing SecOps/DevSecOps practices from scratch, implementing, maintaining, and scaling them out across teams and the More ❯

effective security operations processes, ensuring continuous improvement across security tools and services. Support an effective security operations environment using tools such as Microsoft Sentinel, SOAR, EDR/XDR, and PAM. Achieve reductions in repetitive alerts and improve the time taken to investigate and resolve incidents. Proactive Risk Remediation: Identify, analyse More ❯

effective security operations processes, ensuring continuous improvement across security tools and services. • Support an effective security operations environment using tools such as Microsoft Sentinel, SOAR, EDR/XDR, and PAM. • Achieve reductions in repetitive alerts and improve the time taken to investigate and resolve incidents. Proactive Risk Remediation: • Identify, analyse More ❯

be responsible for detecting, responding and mitigating cyber-attacks on our clients customers networks within their Security Operations Centres using a combination of our SOAR, Elastic and the Microsoft XDR ecosystem to deliver effective and appropriate defences for our client. Previus experience with Sentinel 1 would be highly benefitial. This More ❯

etc). An understanding of cloud-native infrastructure (e.g. microservices, containerisation, Kubernetes, serverless computing). An understanding and/or experience with SIEM, SOAR and EDR. Knowledge and/or understanding of data and analytics in terms of cybersecurity implications. Missing skills? Let us be the judge! BMT are passionate More ❯