1 to 25 of 30 Remote SOAR Jobs in England

to integrating security across their software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security … with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability … detailed documentation and knowledge transfer for post-contract continuity. Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security More ❯

to integrating security across their software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall cybersecurity posture. Responsibilities Infrastructure Security … with security embedded at every stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration Testing: Review Penetration Testing, vulnerability … detailed documentation and knowledge transfer for post-contract continuity. Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience with Terraform for IaC security More ❯

affected systems, response actions, and improvement recommendations. Produce clear, detailed reports for client delivery. Technical Requirements: Hands-on experience in incident response and investigation using tools such as SIEM, SOAR, and EDR. Proficiency in analysing logs across multiple platforms (Networking, Windows, Mac, Linux, Cloud). Solid understanding of evidence collection and handling procedures. Familiarity with the NIST 800-61 incident More ❯

Candidate Profile: Expert in Azure cloud security services (Defender for Cloud, Azure Sentinel, Key Vault, APIM) Strong advocate of Zero Trust models and secure development practices Experienced in SIEM & SOAR, ideally with tools like Rapid7 Excellent communicator with the ability to influence at all levels Passionate about cloud innovation and continuous security improvement Microsoft Azure Security Engineer Associate or AWS More ❯

executive leadership. Desired Experience: Proven experience working in or alongside a 24/7 Security Operations Centre . Strong technical exposure to SIEM (ideally Splunk), EDR (CrowdStrike preferred), and SOAR tools. Expertise in incident handling , threat analysis , and digital forensics . Scripting or automation experience (Python, PowerShell, etc.) is highly beneficial. Knowledge of MITRE ATT&CK , NIST CSF , and related More ❯

executive leadership. Desired Experience: Proven experience working in or alongside a 24/7 Security Operations Centre . Strong technical exposure to SIEM (ideally Splunk), EDR (CrowdStrike preferred), and SOAR tools. Expertise in incident handling , threat analysis , and digital forensics . Scripting or automation experience (Python, PowerShell, etc.) is highly beneficial. Knowledge of MITRE ATT&CK , NIST CSF , and related More ❯

strategy, including RBAC, least-privilege provisioning, SSO, federation (OIDC/SAML), and privileged-access workflows. Monitoring, Detection & Response - Define audit logging, metrics, and telemetry requirements; integrate with SIEM/SOAR to deliver actionable alerts and playbooks for engineering-led incident response. Threat Modeling & Risk Assessment - Conduct regular architecture and code-level reviews, drive remediation plans, and present risk posture to More ❯

risk. Maintain Security Operations: • Maintain effective security operations processes, ensuring continuous improvement across security tools and services. • Support an effective security operations environment using tools such as Microsoft Sentinel, SOAR, EDR/XDR, and PAM. • Achieve reductions in repetitive alerts and improve the time taken to investigate and resolve incidents. Proactive Risk Remediation: • Identify, analyse, and evaluate security risks, applying More ❯

met. Ensure the IAM service follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve as an escalation point for issues of non More ❯

ISO 27001, ISA/IEC 62443, etc). An understanding of cloud-native infrastructure (e.g. microservices, containerisation, Kubernetes, serverless computing). An understanding and/or experience with SIEM, SOAR and EDR. Knowledge and/or understanding of data and analytics in terms of cybersecurity implications. Missing skills? Let us be the judge! BMT are passionate about people; we recognise More ❯

clients during live cyber incidents, offering reassurance and expert guidance Produce detailed incident reports with root cause analysis and actionable recommendations Perform forensic and log analysis using SIEM, EDR, SOAR, and other security tools Collaborate across teams to enhance response playbooks and internal processes Stay informed on emerging threats and tactics to strengthen response strategies Skills/Must have: Proven More ❯

with little guidance. The ability to pick up new languages and technologies quickly. Experience handling security incidents and investigating anomalies as part of a team. Knowledge of EDR, SIEM, SOAR, or related security tools. Strong candidates may also have experience with: Experience performing security operations or investigations involving large-scale Kubernetes environments. A high level of proficiency in Python and More ❯

compliance with international cybersecurity standards and regulatory requirements What We’re Looking For A proactive and driven leader with deep technical cybersecurity expertise Proven experience managing SOC, SIEM, and SOAR operations In-depth knowledge of NIST CSF, ISO 27001, and GDPR Strong experience in cybersecurity incident management Bachelor’s degree in Cybersecurity, Computer Science, IT, or related field More ❯

compliance with international cybersecurity standards and regulatory requirements What We’re Looking For A proactive and driven leader with deep technical cybersecurity expertise Proven experience managing SOC, SIEM, and SOAR operations In-depth knowledge of NIST CSF, ISO 27001, and GDPR Strong experience in cybersecurity incident management Bachelor’s degree in Cybersecurity, Computer Science, IT, or related field More ❯

Partnering: Consult and cooperate with partners to prove the value of integration of Dataminr alerting into third party systems (e.g. Esri ArcGIS, custom client built systems, and numerous SEIM, SOAR, and TIP platforms) Technical Demonstrations: Conduct in-depth product demonstrations showcasing how our solutions leverage public data to enhance detection, response, and mitigation efforts Customer Engagement: Build and maintain strong More ❯

Fast-Moving Consumer Goods (FMGC) environment Experience working within an organisation with Operational Technology (OT) environments Experience with the following products and technologies: Microsoft Sentinel or similar SIEM and SOAR tools, KQL, Next-gen email defense platforms Knowledge of security frameworks such as NIST, ISO 27001 Your Bowl of Perks (Benefits) Competitive salary & Annual Flexible benefits We offer a competitive More ❯

Fast-Moving Consumer Goods (FMGC) environment Experience working within an organisation with Operational Technology (OT) environments Experience with the following products and technologies: Microsoft Sentinel or similar SIEM and SOAR tools, KQL, Next-gen email defense platforms Knowledge of security frameworks such as NIST, ISO 27001 Your Bowl of Perks (Benefits) Competitive salary & Annual Flexible benefits We offer a competitive More ❯

Deliver a gap analysis and propose a strategic roadmap Define operating models for SOC, red teaming, and internal security ownership Advise on cloud security (AWS/GCP), tooling (SIEM, SOAR, EDR), and DevSecOps practices Engage senior stakeholders to align security recommendations with business goals Required Skills & Experience Proven experience in senior security consultancy or architecture roles Strong understanding of cloud More ❯

responding to threat detection systems, and contribute to projects that strengthen security across the organisation. Key Responsibilities Monitor and respond to security alerts and incidents (EDR, SIEM, Identity Protection, SOAR). Assist in vulnerability scanning and remediation activities. Help manage systems such as email and web security gateways, VPNs, MFA, SSO, and mobile device security. Support the maintenance of security More ❯

evolving attack vectors. Collaborate with clients, internal teams, and vendors during incident handling. Enhance SOC processes and contribute to training initiatives. Advise on effective, cost-conscious cyber defenses. Utilize SOAR platforms to streamline detection and response processes. Develop risk mitigation plans and recommend security controls. Essential Experience: Demonstrated experience in alert/threat investigation. Proven capability in leading major incident More ❯

leader in safeguarding sensitive data and systems. Key Responsibilities/Duties Manage WAF and DDoS systems Manage the Web Security Gateway Manage the Email Security Gateway Manage the SIEM, SOAR, Identity Protection, EDR, and respond to alerts and threats Carry out vulnerability scans, identify risks, and perform remediation Manage perimeter and VPN firewalls Manage MFA and SSO Manage MDM/ More ❯

on experience with data analysis, modeling, and correlation at scale Operating systems internals and forensics experience for macOS, Windows & Linux Domain experience managing and working with current SIEM and SOAR platforms Experience developing tools and automation using common DevOps toolsets and programming languages Understanding of malware functionality and persistence mechanisms Ability to analyze endpoint, network, and application logs for anomalous More ❯

Strong Understanding of Security Operations working within or alongside Security Operations Centre(s) Experience working in all hyperscaler environments, preferably holding Professional Cloud Architect Certification Experience with multiple SIEM & SOAR Tooling, preferably Google SecOps (formerly Chronicle/Simplify) Experience with EDR/XDR and NDR Tooling, preferably Crowdstrike, Corelight, Microsoft Defender XDR Connect to your business - Technology and Transformation Distinctive More ❯

and streamline processes. Automate secure design reviews and integrate security checks into pull request workflows and CI/CD pipelines. Build and manage security operations automation, including data pipelines, SOAR workflows, and log aggregation for improved threat detection. Collaborate with development and security teams to ensure seamless adoption of security automation. Continuously refine automation strategies to optimize security effectiveness and More ❯

team, and manage relationships with 3rd party vendors including the SOC providers Build and embed incident response plans, playbooks, and operational standards for the function Drive maturity across SIEM, SOAR and security tooling, ensuring alignment with the latest threat landscape Provide cyber security leadership across new and existing technology programmes Lead response to major incidents, and provide guidance to executive … cyber security leadership roles (10–15 years total, with 5+ in senior management) Proven ability to build security operations capability in a global organisation. Strong technical knowledge across SIEM, SOAR, CASB, DLP, endpoint protection, cloud security, firewalls, etc. Prior hands-on experience in security engineering or architecture is highly desirable Exceptional knowledge of global compliance frameworks (NIST, ISO 27001, PCI More ❯