18 of 18 SOAR Jobs in London

Essential but a Bonus) Terraform/Ansible (desirable, not required) Cloud security exposure (Azure, AWS, GCP) Threat intel platform experience Experience tuning SIEM/SOAR playbooks CI/CD pipeline security (GitHub Actions, Jenkins, GitLab) Digital forensics knowledge Certifications: Security+, CySA+, GCIH, GCIA, CISSP, CISM, OSCP, CCSP ...

with NCC Group to enhance Splunk dashboards, alerts, and detections Act as the technical escalation point for high-severity security incidents Develop automation and SOAR workflows to improve response effectiveness Conduct proactive threat hunting activities Mentor and upskill the internal security team across tools and threat analysis Skills & Experience Required ...

models. Incident Response: Act as the technical escalation point for high-priority incidents, utilizing EDR and SIEM tools for rapid containment. Automation & Hunting: Develop SOAR workflows to improve response times and proactively hunt for undetected malicious activity. Upskilling: Directly train the existing team in CrowdStrike, Splunk, and advanced security analysis. ...

deployment, configuration, and optimisation Design and enhance Splunk SIEM dashboards, alerts, and data models Act as an escalation point for major cyber incidents Develop SOAR automation workflows to improve response times Conduct proactive threat hunting using advanced queries Work closely with SOC partner to optimise security operations Provide training and ...

models Act as a senior escalation point for high-priority security incidents, supporting containment and remediation using EDR and SIEM tooling Develop and implement SOAR automation workflows to streamline detection and response processes Conduct proactive threat hunting activities using advanced queries and behavioural analytics Support capability uplift by training and ...

and automates cross-domain workflows. SIR: Focuses on cyberattack life cycle management-identification, containment, eradication, recovery, and lessons learned. * Integrations: SecOps: Integrates with SIEM, SOAR, vulnerability scanners, and ITSM for a unified security posture. SIR: Integrates with threat detection tools (eg, Splunk, CrowdStrike) to ingest alerts and trigger incident workflows3. ...

Falcon deployment, configuration, and optimisation Enhancing Splunk SIEM dashboards, alerts, and threat detection capabilities Acting as a senior escalation point for incident response Driving SOAR automation to improve response times Conducting proactive threat hunting Upskilling internal teams across CrowdStrike, Splunk, and security analysis What we’re looking for: 5+ years ...

Response: Act as escalation point for high-priority incidents, driving rapid containment Threat Hunting: Proactively identify hidden threats using advanced queries and telemetry Automation (SOAR): Build workflows to streamline response and reduce manual effort Capability Building: Upskill internal teams across CrowdStrike, Splunk, and security analysis Required Experience 5+ years ...

design and enhance Splunk dashboards, alerts, and data models Act as escalation point for high-severity incidents, driving rapid detection and response Develop SOAR workflows to automate and streamline security operations Conduct proactive threat hunting to identify hidden risks Upskill internal teams in CrowdStrike, Splunk, and security analysis best practices ...

follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve as an escalation ...

technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR" workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training . Build up the Crowdstrike ...

technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR" workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training. Build up the Crowdstrike, Splunk ...

technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR" workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training. Build up the Crowdstrike, Splunk ...

Engineer - SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100, Our leading global law firm client are currently looking to take on a new SOC Engineer (SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100) to join their team on a contractual … working solution 2-3 days per week in London and offer a great deal of autonomy and technical exposure. This SOC Engineer (SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100) role, will be responsible for the enhancement of existing SIEM platform and improve performance, coverage ...

insurance, medical cover) Are you an experienced Splunk SME looking for a new challenge? Do you have a strong background in Splunk, IAM and SOAR with a high-level understanding of wider Splunk ecosystem, along with Incident Management, Python and Powershell skills? Here at ARM, we are recruiting … This includes designing and implementing detection use cases, tuning alerts, and developing dashboards that provide clear, actionable insights for security operations teams. Experience with SOAR and UEBA technologies is advantageous but not essential. This role suits someone who enjoys working in a client-facing environment, solving complex challenges, and contributing ...

detection efficacy, reducing false positives, and ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules … content in complex environments Strong documentation and stakeholder communication skills Desirable Relevant certifications such as Splunk Enterprise Security, GIAC GCDA, or similar Experience with SOAR platforms and automation workflows Background in threat hunting or incident response If you are a detection-focused cyber security professional who thrives on building high ...

Role As our Senior Security Analyst, you will own the evolution of our security posture. Youll be the driving force behind our SIEM/SOAR capabilities and the guardian of our SOC 2 Type II and ISO 27001 standards. Key Responsibilities: Security Operations: Lead monitoring, detection, and incident response … internal and client-facing systems. SIEM/SOAR Ownership: Enhance and automate our Azure Sentinel capabilities. Incident Response: Investigate real-world threats (malware, phishing, cloud misconfigurations) and ensure rapid remediation. Vulnerability Management: Conduct regular assessments, penetration testing, and risk analysis. Compliance & GRC: Maintain SOC 2 Type II accreditation and lead ...

Security Analyst - CISSP, CISM, CEH, EDR, SIEM, SOAR, IDS/IPS, TCP/IP, Defender Our leading global law firm client are currently looking to take on a new Security Analyst (CISSP, CISM, CEH, EDR, SIEM, SOAR, IDS/IPS, TCP/IP, Defender) to join their team … days per week in London and offer a great deal of autonomy and technical exposure. This Security Analyst (CISSP, CISM, CEH, EDR, SIEM, SOAR, IDS/IPS, TCP/IP, Defender) role, will be responsible for the day to day operations of existing security solutions and uses tools to identify ...