1 to 25 of 43 SOAR Jobs in London

platforms (AWS, Azure, GCP). Expertise in Microsoft Sentinel, Cisco Splunk or Palo Alto QRadar, and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting/automation skills (Python, PowerShell, Bash). Deep understanding of More ❯

designing or implementing micro segmentation (e.g., Cisco Titration, Illumio, Guardicore) Background in regulated industries like financial services, healthcare, Resources or government Familiarity with DNS-based threat detection, SIEM/SOAR integration, and cloud security access brokers (CASB) Why Join Us at Accenture in This Role? Leadership in Next-Generation Cybersecurity : As a trusted security partner, Accenture leads the way in More ❯

NIST, Kill Chain) Experience with EDR, DLP, Proxy, and SEG tools Desirable Qualifications Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP Experience with SOAR playbooks, YARA rules, STIX, and YAML Participation in red/purple team exercises Please apply within for further details - Matt Holmes, Harvey Nash More ❯

NIST, Kill Chain) Experience with EDR, DLP, Proxy, and SEG tools Desirable Qualifications Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP Experience with SOAR playbooks, YARA rules, STIX, and YAML Participation in red/purple team exercises Please apply within for further details - Matt Holmes, Harvey Nash More ❯

record in security operations, incident response, and vulnerability management. - Experience managing enterprise-grade security platforms and working across diverse environments (cloud, hybrid, manufacturing). - Hands-on expertise with EDR, SOAR tooling, and SASE/SSE technologies. - Deep familiarity with frameworks such as NIST, MITRE ATT&CK, and other industry standards. - Strong stakeholder management skills and the ability to influence at More ❯

workbooks, and reports for stakeholders. Perform threat hunting activities and support continuous improvement of SOC processes. Maintain and enhance use cases, playbooks, and automation (e.g., with Logic Apps or SOAR). Ensure SIEM solutions are properly integrated with data sources (e.g., firewalls, endpoints, cloud services). Support compliance and audit efforts through effective logging and reporting. Provide subject matter expertise More ❯

strategy, including RBAC, least-privilege provisioning, SSO, federation (OIDC/SAML), and privileged-access workflows. Monitoring, Detection & Response - Define audit logging, metrics, and telemetry requirements; integrate with SIEM/SOAR to deliver actionable alerts and playbooks for engineering-led incident response. Threat Modeling & Risk Assessment - Conduct regular architecture and code-level reviews, drive remediation plans, and present risk posture to More ❯

and be able to demonstrate it: Security Detection and Monitoring Detection Engineering Malware Analysis (Static and Dynamic) Threat Hunting and Threat Intelligence (MITRE ATT&CK) Penetration Testing Security Automation (SOAR) It would help if you had experience with the following: SIEM tools (Microsoft Sentinel, Splunk, ELK, Siemplify) Vulnerability Management (Qualys, Nessus, Nexpose) Anti-Malware/EDR Software (Carbon Black, Microsoft More ❯

executive leadership. Desired Experience: Proven experience working in or alongside a 24/7 Security Operations Centre . Strong technical exposure to SIEM (ideally Splunk), EDR (CrowdStrike preferred), and SOAR tools. Expertise in incident handling , threat analysis , and digital forensics . Scripting or automation experience (Python, PowerShell, etc.) is highly beneficial. Knowledge of MITRE ATT&CK , NIST CSF , and related More ❯

met. Ensure the IAM service follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve as an escalation point for issues of non More ❯

of Cyber Security and Threat monitoring: Threat information gathering Type of cyber attacks Defence in Depth model. Detective monitoring such as Splunk Vulnerability Management - patching techniques Suggested Experience in SOAR system (Phantom) Experience in Anomali Threat Intelligence Platform Analysis based on MITRE ATT&CK Framework Education/Qualifications: Essential Degree educated and/or equivalent experience. PERSONAL REQUIREMENTS Good communication More ❯

cloud engineering, GRC, and program teams to align internal tooling with evolving compliance needs and operational goals. Qualifications (Text Only) Required Qualifications: - Demonstrated experience deploying automation for security operations (SOAR platforms, script-based playbooks, API integrations). - Experience in security engineering, automation, or software engineering, preferably in cloud-native or regulated environments. - Strong programming/scripting skills (Python preferred) with More ❯

engineering Solid understanding of TCP/IP, routing, firewalls, VPN, and network segmentation principles. Hands-on experience with security tools such as firewalls (Fortinet, Palo Alto, etc.), SIEM/SOAR, IDS/IPS, EDR, or vulnerability scanners. Familiarity with Linux, scripting (Python, Bash), and infrastructure-as-code concepts. Knowledge of secure configuration standards (e.g., CIS benchmarks) and common protocols (e.g. More ❯

compliance with international cybersecurity standards and regulatory requirements What We’re Looking For A proactive and driven leader with deep technical cybersecurity expertise Proven experience managing SOC, SIEM, and SOAR operations In-depth knowledge of NIST CSF, ISO 27001, and GDPR Strong experience in cybersecurity incident management Bachelor’s degree in Cybersecurity, Computer Science, IT, or related field More ❯

compliance with international cybersecurity standards and regulatory requirements What We’re Looking For A proactive and driven leader with deep technical cybersecurity expertise Proven experience managing SOC, SIEM, and SOAR operations In-depth knowledge of NIST CSF, ISO 27001, and GDPR Strong experience in cybersecurity incident management Bachelor’s degree in Cybersecurity, Computer Science, IT, or related field More ❯

Deliver a gap analysis and propose a strategic roadmap Define operating models for SOC, red teaming, and internal security ownership Advise on cloud security (AWS/GCP), tooling (SIEM, SOAR, EDR), and DevSecOps practices Engage senior stakeholders to align security recommendations with business goals Required Skills & Experience Proven experience in senior security consultancy or architecture roles Strong understanding of cloud More ❯

scripts in Python JavaScript or PowerShell is a plus Experience with security design and architecture, content development, workload automation and use-cases Experienced with technologies such as EDR, SIEM, SOAR, NGFW and their ecosystems Familiarity with cloud technologies, providers (such as GCP, AWS, Azure) Familiarity with attack surface management is a plus Experience in customer-facing roles (internal or external More ❯

advance your career within a high-performing security practice. Key Responsibilities Lead technical delivery and onboarding of Cloud Native Security Solutions such as CSPM/CNAPP/XDR/SOAR/SIEM platforms. Perform cloud security assessments (e.g., posture review, CSPM, identity risk, threat exposure) Deliver customer workshops, high- and low-level designs, and technical documentation. Contribute to the development … Minimum of 3 years' experience in Professional Services. managed security services, preferably in a next generation SOC environment or in an MSSP or MDR provider Experience with SIEM and SOAR platforms, particularly Microsoft Sentinel or Google Chronicle, including rule tuning, KQL, and automation. Knowledge of infrastructure-as-code and security automation (e.g., Bicep, Terraform, Logic Apps, PowerShell). Exposure to More ❯

responding to threat detection systems, and contribute to projects that strengthen security across the organisation. Key Responsibilities Monitor and respond to security alerts and incidents (EDR, SIEM, Identity Protection, SOAR). Assist in vulnerability scanning and remediation activities. Help manage systems such as email and web security gateways, VPNs, MFA, SSO, and mobile device security. Support the maintenance of security More ❯

with zero-trust security models and endpoint detection and response (EDR). Certifications such as CISSP, CISM, Microsoft Security certifications, or equivalent. Experience integrating device telemetry into SIEM and SOAR platforms. Who You'll Work With Work Environment & Additional Information: Hybrid or on-site work model. Occasional travel for global alignment or vendor engagements. Ability to operate in a fast More ❯

and understanding Windows, macOS, and Linux operating systems. Experience analyzing network and host-based security events. Professional experience using a wide range of investigative tools including EDR, SIEM/SOAR, UBA. Knowledge of networking technologies, specifically TCP/IP and related protocols. Experience with attacker tactics, techniques, and procedures. Experience making important decisions independently and multi-tasking under pressure. Experience More ❯

engaging across the business, evangelising Security across both tech and non-tech areas Who you are: Keen interest in security, with the want to develop. Experience in SIEM or SOAR Knowledge of the MITRE ATT&CK Framework or common attack and response methods Previous experience with incident response in a fast-paced environment Knowledge of Cloud environments AWS and GCP More ❯

and prioritize customer issues to ensure timely resolution. Contribute to business growth by encouraging expanded use of the platform among customers. Minimum 2 years of hands-on experience with SOAR/automation technologies or equivalent. At least 5 years in customer-facing roles such as post-sales engineering, customer success, or technical services. Proven expertise in security, automation, scripting (bash More ❯

the latest security threats, threat actors, and the tactics and techniques adopted. Proven experience with programming languages such as Python, Rust, C++, or others. Knowledge of SecOps tooling (SIEM, SOAR, Threat Intelligence). More ❯

Strong Understanding of Security Operations working within or alongside Security Operations Centre(s) Experience working in all hyperscaler environments, preferably holding Professional Cloud Architect Certification Experience with multiple SIEM & SOAR Tooling, preferably Google SecOps (formerly Chronicle/Simplify) Experience with EDR/XDR and NDR Tooling, preferably Crowdstrike, Corelight, Microsoft Defender XDR Connect to your business - Technology and Transformation Distinctive More ❯