18 of 18 SOAR Jobs in London

seeking an experienced Senior SOAR Engineer to join the Cyber Security function of a leading investment bank. This is a key technical role within the Security Engineering team, where you will act as the primary owner of the SOAR platform, driving its design, configuration, maintenance, and continuous enhancement. You will … and the ability to collaborate across Security Operations, Engineering, and DevOps teams. What you'll do: Act as the Subject Matter Expert (SME) for Security Orchestration, Automation and Response (SOAR). Lead the configuration, enhancement, and ongoing maintenance of the SOAR platform (Chronicle SOAR). Own and maintain architectural documentation ...

investigate incidents and deliver containment, remediation, and root cause analysis; produce high-quality intel-informed incident reports. Create and tune detections (e.g., SIEM/SOAR, EDR) using intelligence signals (TTPs, behaviors, YARA/Sigma where applicable). Produce and present consumable intelligence outputs (e.g., flash alerts, threat overviews, executive briefs ...

and remediation Support detection engineering including rule deployment, tuning, and validation Resolve data quality, alerting, and detection gaps impacting operational effectiveness Support automation and SOAR initiatives (e.g. Sentinel, Logic Apps) Collaborate with SOC providers to maintain SIEM configuration and log ingestion Maintain accurate engineering documentation, runbooks, and platform records Ensure ...

Palo Alto, Cisco), WAF/DDoS protection (Imperva), and Microsoft Gateways. Threat Detection & Response: Oversee email/web security gateways (Mimecast, Menlo), SIEM/SOAR platforms, and EDR/XDR alert response (CrowdStrike, Rapid7 IDR). Identity & Access Management: Administer MFA/SSO protocols using Okta and Microsoft Entra ...

design and enhance Splunk dashboards, alerts, and data models Act as escalation point for high-severity incidents, driving rapid detection and response Develop SOAR workflows to automate and streamline security operations Conduct proactive threat hunting to identify hidden risks Upskill internal teams in CrowdStrike, Splunk, and security analysis best practices ...

environments • Configure and optimise security policies including DLP, CASB, FWaaS, segmentation, and secure web access • Integrate Zero Trust solutions with identity providers, SIEM/SOAR platforms, and endpoint security tooling • Conduct threat modelling, risk assessments, and security architecture reviews • Troubleshoot complex deployment and access issues across enterprise environments • Provide technical ...

remediation, validating fixes, and assisting with reporting. * Develop and maintain playbooks, runbooks, and procedural documentation. Required Skills: * Microsoft Defender XDR * Microsoft Sentinel (SIEM/SOAR) * Privacy Management Solutions (e.g. Purview, OneTrust) * Understanding of key cybersecurity and privacy concepts, such as Threat detection and analysis, Incident response lifecycle, Vulnerability and exposure ...

Incident Response: Act as a technical escalation point for high-priority security incidents, utilising EDR and SIEM tools to enable rapid containment. Automation: Develop Security Orchestration, Automation, and Response (SOAR) workflows to minimise manual intervention and enhance response times. Threat Hunting: Proactively search for undetected malicious activity using specialised queries. ...

Response: Act as a technical escalation point for high-priority security incidents, employing EDR and SIEM tools for swift containment. Automate Security Processes: Develop Security Orchestration, Automation, and Response (SOAR) workflows to minimise manual intervention and enhance response efficiency. Conduct Threat Hunting: Utilise specialised queries to proactively identify undetected malicious ...

and optimisation of technologies such as Zscaler, Netskope, Prisma Access, or similar platforms • Oversee integration of Zero Trust solutions with identity providers, SIEM/SOAR tooling, endpoint security, and cloud environments • Conduct architecture reviews, threat modelling exercises, gap assessments, and security strategy workshops • Lead proof-of-concept exercises, vendor evaluations ...

Microsoft 365, identity and endpoint ecosystems. - Strong understanding of ITIL based service management and operational governance. - Experience with DMS platforms (desired) - Familiarity with SIEM, SOAR and modern security tooling. Head of IT Infrastructure/Head of IT Platforms In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this ...

Microsoft Security Copilot to support cybersecurity tasks including threat hunting, triage, investigations and response, and creating security incident response playbooks. Build and maintain SOAR playbooks integrated with various security platforms (e.g., SIEMs, EDRs, identity platforms) to streamline incident response and automation. Lead automation initiatives to eliminate manual processes, improve … and automated controls. Comfortable writing scripts using languages such as Python, PowerShell, or Bash, and experience with automation platforms such as Azure Logic Apps, SOAR tools (e.g., Microsoft Sentinel, Splunk SOAR, Cortex XSOAR). Experience building and tuning detections using SIEM platforms (e.g., KQL, SPL) and working with security telemetry ...

and optimise SIEM performance, coverage, and detection fidelity Assess and improve SIEM architecture, including ingestion pipelines, parsing, and correlation logic Implement automation and orchestration (SOAR) to streamline response activities Log Source Onboarding & Integration Identify and onboard new log sources across cloud, network, endpoint, and application environments Develop custom parsers, connectors … agents) Experience in detection engineering, threat modelling, and attacker behaviour analysis Proven ability to build and tune correlation rules, dashboards, and alerts Familiarity with SOAR tools and automation workflows Security Knowledge Solid understanding of networking, Windows/Linux systems, cloud platforms (Azure, AWS, GCP), identity systems, and endpoint security tools ...

engineering, cloud security, incident response, vulnerability management, and security architecture.Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted tooling … Monitor emerging threats and recommend improvements to security posture Technical EnvironmentThe team works across a modern cloud-first stack with exposure to: SIEM/SOAR platforms EDR/XDR tooling AWS cloud environments Identity & Access Management Vulnerability Management Security Automation & Scripting CSPM tooling AI-assisted security operations What ...

engineering, cloud security, incident response, vulnerability management, and security architecture.Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted tooling … Monitor emerging threats and recommend improvements to security posture Technical EnvironmentThe team works across a modern cloud-first stack with exposure to: SIEM/SOAR platforms EDR/XDR tooling AWS cloud environments Identity & Access Management Vulnerability Management Security Automation & Scripting CSPM tooling AI-assisted security operations What ...

detection efficacy, reducing false positives, and ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules … content in complex environments Strong documentation and stakeholder communication skills Desirable Relevant certifications such as Splunk Enterprise Security, GIAC GCDA, or similar Experience with SOAR platforms and automation workflows Background in threat hunting or incident response If you are a detection-focused cyber security professional who thrives on building high ...

operational efficiency Investigate security incidents and drive root cause analysis and remediation Implement and manage tools such as Microsoft Defender, Nessus, and SIEM/SOAR platforms Develop secure cloud templates and baseline configurations Partner with engineering teams to embed secure coding and DevSecOps practices Stay up to date with emerging … environments Deep understanding of Azure security, DevOps, and automation Hands-on experience with EDR/DLP tools (e.g. Microsoft Defender) Experience with SIEM/SOAR platforms Knowledge of frameworks such as ISO 27001, NIST, and CIS Strong troubleshooting and problem-solving skills Ability to manage multiple priorities in a fast ...

security space. These include (but are not limited to): E nd-to-end management of EDR solutions at enterprise scale DLP & DSPM Automation/Security Orchestration Automation & Response (SOAR) Scripting (python, PowerShell , bash etc.) Security Information & Event Management (SIEM) content creation, data source on-boarding Strong verbal and written communication ...