SOAR Jobs in England

1 to 25 of 47 SOAR Jobs in England

SOAR Engineer/Analyst (Security Orchestration, Automation, and Response)

Wallington, Surrey, England, United Kingdom
Gibbs Hybrid
SOAR Engineer/Analyst (Security Orchestration, Automation, and Response) Duration: 12 months Pay: £360.26/day PAYE or £495.15/day via umbrella Location: Remote (UK) Role Purpose The SOAR Engineer/Analyst is responsible for designing, developing, implementing, and maintaining automation playbooks to improve incident response efficiency within the Security Operations Centre. This role integrates multiple security tools and … workflows, leveraging platforms like , Darktrace, and CrowdStrike to create cohesive and automated threat detection and response mechanisms. Key Responsibilities Playbook Development: Design, implement, and maintain SOAR playbooks for automated response and alert enrichment. Tool Integration: Develop and manage integrations with: Google SecOps (Chronicle, Security Command Center) Darktrace (Threat Visualizer, Antigena) CrowdStrike Falcon (EDR, threat intelligence, APIs) Other security platforms such … indicator enrichment, triage, and threat intelligence lookups. Collaboration: Work with SOC analysts and threat detection teams to identify and implement automation opportunities. Monitoring & Optimization: Continuously evaluate the effectiveness of SOAR playbooks and integrations; fine-tune for performance and accuracy. Documentation: Maintain up-to-date technical documentation for SOAR workflows and integrations. Support & Enablement: Train SOC team members on playbook usage
Employment Type: Full-Time
Salary: £360 - £495 per day

DevSecOps Engineer - ONSITE

Loughton, Essex, South East, United Kingdom
Hybrid / WFH Options
Profile 29
to integrating security across their software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security … with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability … detailed documentation and knowledge transfer for post-contract continuity. Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security
Employment Type: Permanent, Work From Home

DevSecOps Engineer - ONSITE

Loughton, Essex, England, United Kingdom
Hybrid / WFH Options
Profile 29
to integrating security across their software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security … with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability … detailed documentation and knowledge transfer for post-contract continuity. Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security
Employment Type: Full-Time
Salary: £80,000 - £100,000 per annum

Cyber Security Engineer

London, South East, England, United Kingdom
Franklin Fitch
platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting/automation skills (Python, PowerShell, Bash). Deep understanding of
Employment Type: Full-Time
Salary: £50,000 - £70,000 per annum

SOC Analyst (Senior)

Stevenage, Hertfordshire, United Kingdom
Guidant Global
the creation of custom detection use cases aligned with threat models and operational requirements. Hands-on experience with security automation and orchestration, including scripting in Python, PowerShell, or using SOAR platforms to streamline response workflows. Solid understanding of threat modelling frameworks and practical application of threat hunting methodologies to proactively identify malicious activity. What happens now? Upon submission of your
Employment Type: Contract
Rate: £45.00 - £85.00/hour In IR35 (PAYE & Umbrella) available

SOC Analyst

Stevenage, Hertfordshire, England, United Kingdom
Certain Advantage
investigations Process/Playbook/Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies
Employment Type: Contractor
Rate: £45.00 per hour, Inc benefits

Security Engineer - SIEM

London, South East, England, United Kingdom
Harvey Nash
NIST, Kill Chain) Experience with EDR, DLP, Proxy, and SEG tools Desirable Qualifications Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP Experience with SOAR playbooks, YARA rules, STIX, and YAML Participation in red/purple team exercises Please apply within for further details - Matt Holmes, Harvey Nash
Employment Type: Contractor
Rate: £600 - £720 per day

SOC Analyst

London, United Kingdom
Spencer Rose Ltd
of: SIEM tools for example, Splunk, ArcSight, Rapid7 or QRadar EDR tooling for example: SentinelOne, CrowdStrike or Carbon Black Vulnerability tools for example: Nessus or Qualys Threat Intelligence tools, SOAR platforms and Firewalls Have strong operating systems knowledge in Microsoft and ideally Linux Be strong at Scripting for example with Python, Bash or PowerShell Have strong Cloud Security monitoring experience
Employment Type: Permanent
Salary: GBP Annual

SOC Analyst

Stevenage, Hertfordshire, United Kingdom
Endeavour Recruitment
investigations Process/Playbook/Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies
Employment Type: Contract
Rate: GBP 70 - 85 Hourly

SOC Analyst (Mid level)

Stevenage, Hertfordshire, United Kingdom
Matchtech
investigations Process/Playbook/Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and hunting methodologies Additional information: These roles are fully site based in Stevenage Shift Pattern: Blocks of 4-5 days on, and 4-5 days off with
Employment Type: Contract
Rate: GBP 45 Hourly

SOC Analyst (Senior level)

Stevenage, Hertfordshire, United Kingdom
Matchtech
investigations Process/Playbook/Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and hunting methodologies Additional information: These roles are fully site based in Stevenage Shift Pattern: Blocks of 4-5 days on, and 4-5 days off with
Employment Type: Contract
Rate: GBP 85 Hourly

Security Operations Centre (SOC) Manager - Remote/London

London, South East, England, United Kingdom
Hybrid / WFH Options
Atrium Workforce Solutions Ltd
playbooks, and incident response procedures. Coordinate with IT and business units to mitigate risks identified through vulnerability scanning or threat intelligence. Manage SOC tools and technologies, including SIEM, EDR, SOAR, and scanning platforms. Track and report key performance indicators (KPIs) for SOC operations and vulnerability management. Conduct regular security assessments and risk evaluations in partnership with internal audit and compliance
Employment Type: Contractor
Rate: £390 - £538 per day

Incident Response Consultant

Leeds, West Yorkshire, Yorkshire, United Kingdom
Hybrid / WFH Options
OpenSourced Ltd
affected systems, response actions, and improvement recommendations. Produce clear, detailed reports for client delivery. Technical Requirements: Hands-on experience in incident response and investigation using tools such as SIEM, SOAR, and EDR. Proficiency in analysing logs across multiple platforms (Networking, Windows, Mac, Linux, Cloud). Solid understanding of evidence collection and handling procedures. Familiarity with the NIST 800-61 incident
Employment Type: Permanent, Work From Home
Salary: £55,000

Security Operations Manager

London, United Kingdom
Storio group
record in security operations, incident response, and vulnerability management. - Experience managing enterprise-grade security platforms and working across diverse environments (cloud, hybrid, manufacturing). - Hands-on expertise with EDR, SOAR tooling, and SASE/SSE technologies. - Deep familiarity with frameworks such as NIST, MITRE ATT&CK, and other industry standards. - Strong stakeholder management skills and the ability to influence at
Employment Type: Permanent
Salary: GBP Annual

SOC Engineer - DV Cleared Contract

Milton Keynes, Buckinghamshire, South East, United Kingdom
Run-Time Group Ltd
workbooks, and reports for stakeholders. Perform threat hunting activities and support continuous improvement of SOC processes. Maintain and enhance use cases, playbooks, and automation (e.g., with Logic Apps or SOAR). Ensure SIEM solutions are properly integrated with data sources (e.g., firewalls, endpoints, cloud services). Support compliance and audit efforts through effective logging and reporting. Provide subject matter expertise
Employment Type: Contract

Senior IR-SOC Engineer - Elite Law Firm - London

London, United Kingdom
Hybrid / WFH Options
Precise Placements Ltd
executive leadership. Desired Experience: Proven experience working in or alongside a 24/7 Security Operations Centre. Strong technical exposure to SIEM (ideally Splunk), EDR (CrowdStrike preferred), and SOAR tools. Expertise in incident handling, threat analysis, and digital forensics. Scripting or automation experience (Python, PowerShell, etc.) is highly beneficial. Knowledge of MITRE ATT&CK, NIST CSF, and related
Employment Type: Permanent
Salary: GBP 100,000 - 120,000 Annual

Senior IR-SOC Engineer

London, South East, England, United Kingdom
Hybrid / WFH Options
Precise Placements
executive leadership. Desired Experience: Proven experience working in or alongside a 24/7 Security Operations Centre. Strong technical exposure to SIEM (ideally Splunk), EDR (CrowdStrike preferred), and SOAR tools. Expertise in incident handling, threat analysis, and digital forensics. Scripting or automation experience (Python, PowerShell, etc.) is highly beneficial. Knowledge of MITRE ATT&CK, NIST CSF, and related
Employment Type: Full-Time
Salary: £100,000 - £120,000 per annum

Principal Security Engineer

London, United Kingdom
Hybrid / WFH Options
Orgvue Limited
strategy, including RBAC, least-privilege provisioning, SSO, federation (OIDC/SAML), and privileged-access workflows. Monitoring, Detection & Response - Define audit logging, metrics, and telemetry requirements; integrate with SIEM/SOAR to deliver actionable alerts and playbooks for engineering-led incident response. Threat Modeling & Risk Assessment - Conduct regular architecture and code-level reviews, drive remediation plans, and present risk posture to
Employment Type: Permanent
Salary: GBP Annual

Identity & Access Management Senior Architect

East London, London, United Kingdom
Hybrid / WFH Options
A&O Shearman
met. Ensure the IAM service follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve as an escalation point for issues of non
Employment Type: Permanent, Work From Home

Cyber Security Specialist - MSP

Manchester, North West, United Kingdom
Netteam tX Ltd
clients Confident producing clear documentation and reporting Desirable Skills: Certifications: Security+, SC-200, CEH, ISO 27001 Lead Implementer, PCIP Penetration testing or red teaming exposure Experience with SIEM/SOAR platforms (e.g., Microsoft Sentinel) Familiarity with MSP toolsets (Autotask, IT Glue, Rewst) or automation experience Personal Attributes: Friendly and professional Excited about tech and thrives on developing understanding of new
Employment Type: Permanent
Salary: £50,000

Cyber Security Specialist - MSP

Manchester, Lancashire, England, United Kingdom
Netteam tX Ltd
clients Confident producing clear documentation and reporting Desirable Skills: Certifications: Security+, SC-200, CEH, ISO 27001 Lead Implementer, PCIP Penetration testing or red teaming exposure Experience with SIEM/SOAR platforms (e.g., Microsoft Sentinel) Familiarity with MSP toolsets (Autotask, IT Glue, Rewst) or automation experience Personal Attributes: Friendly and professional Excited about tech and thrives on developing understanding of new
Employment Type: Full-Time
Salary: £45,000 - £50,000 per annum

Security Engineer: Detection and Response

London, United Kingdom
Hybrid / WFH Options
Menlo Ventures
with little guidance. The ability to pick up new languages and technologies quickly. Experience handling security incidents and investigating anomalies as part of a team. Knowledge of EDR, SIEM, SOAR, or related security tools. Strong candidates may also have experience with: Experience performing security operations or investigations involving large-scale Kubernetes environments. A high level of proficiency in Python and
Employment Type: Permanent
Salary: GBP Annual

Senior Manager Security Operations

Dubai, Whitechapel, Greater London, United Kingdom
Hybrid / WFH Options
VIQU IT
compliance with international cybersecurity standards and regulatory requirements What We’re Looking For A proactive and driven leader with deep technical cybersecurity expertise Proven experience managing SOC, SIEM, and SOAR operations In-depth knowledge of NIST CSF, ISO 27001, and GDPR Strong experience in cybersecurity incident management Bachelor’s degree in Cybersecurity, Computer Science, IT, or related field
Employment Type: Permanent
Salary: £100,000 - £120,000 per annum

Senior Security Operations Manager

Greater London, Whitechapel, United Kingdom
Hybrid / WFH Options
VIQU IT
compliance with international cybersecurity standards and regulatory requirements What We’re Looking For A proactive and driven leader with deep technical cybersecurity expertise Proven experience managing SOC, SIEM, and SOAR operations In-depth knowledge of NIST CSF, ISO 27001, and GDPR Strong experience in cybersecurity incident management Bachelor’s degree in Cybersecurity, Computer Science, IT, or related field
Employment Type: Permanent

Director of Secure Devices

London, United Kingdom
Boston Consulting Group
with zero-trust security models and endpoint detection and response (EDR). Certifications such as CISSP, CISM, Microsoft Security certifications, or equivalent. Experience integrating device telemetry into SIEM and SOAR platforms. Who You'll Work With Work Environment & Additional Information: Hybrid or on-site work model. Occasional travel for global alignment or vendor engagements. Ability to operate in a fast
Employment Type: Permanent
Salary: GBP Annual

SOAR salary percentiles, England

10th Percentile: £40,000
25th Percentile: £53,649
Median: £74,000
75th Percentile: £85,000
90th Percentile: £97,500