1 to 25 of 54 SOAR Jobs in the South East

Experience with ticket management solutions: Dynamics 365, ServiceNow, Remedy, etc. Experience with PMO tools such as Jira, Smartsheet, Monday.com, etc. Microsoft O365 products (Excel, PowerPoint, etc.). SEIM and SOAR technologies (Splunk, Cribl, Azure Sentinel). Configure and troubleshoot EDR/Microsoft Defender for Endpoint, vulnerability management, and threat detection systems, with focus on Linux OS. Azure Security Center and More ❯

Experience with ticket management solutions: Dynamics 365, ServiceNow, Remedy, etc. Experience with PMO tools such as Jira, Smartsheet, Monday.com, etc. Microsoft O365 products (Excel, PowerPoint, etc.). SEIM and SOAR technologies (Splunk, Cribl, Azure Sentinel). Configure and troubleshoot EDR/Microsoft Defender for Endpoint, vulnerability management, and threat detection systems, with focus on Linux OS. Azure Security Center and More ❯

Experience with ticket management solutions: Dynamics 365, ServiceNow, Remedy, etc. Experience with PMO tools such as Jira, Smartsheet, Monday.com, etc. Microsoft O365 products (Excel, PowerPoint, etc.). SEIM and SOAR technologies (Splunk, Cribl, Azure Sentinel). Configure and troubleshoot EDR/Microsoft Defender for Endpoint, vulnerability management, and threat detection systems, with focus on Linux OS. Azure Security Center and More ❯

ATT&CK, threat actor tactics, and experience in incident detection, triage, and analysis within a SOC or similar environment Desirable Criteria Exposure to cloud security monitoring (AWS, Azure, GCP), SOAR platforms, and automation playbook creation Experience with threat intelligence integration, rule writing (YARA, Sigma, Snort/Suricata), and container/Kubernetes security Familiarity with offensive security methodologies and scripting for More ❯

ATT&CK, threat actor tactics, and experience in incident detection, triage, and analysis within a SOC or similar environment Desirable Criteria Exposure to cloud security monitoring (AWS, Azure, GCP), SOAR platforms, and automation playbook creation Experience with threat intelligence integration, rule writing (YARA, Sigma, Snort/Suricata), and container/Kubernetes security Familiarity with offensive security methodologies and scripting for More ❯

NIS2, CAF, ISO 27001). Skills & Experience Required Extensive background in SOC operations, incident response, and threat hunting. Expertise with the Microsoft security stack, including: Microsoft Sentinel (SIEM/SOAR) Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365 Microsoft Entra ID (Azure AD) Microsoft Purview (compliance and data protection) Strong knowledge of attacker tactics and techniques (MITRE ATT More ❯

NIS2, CAF, ISO 27001). Skills & Experience Required Extensive background in SOC operations, incident response, and threat hunting. Expertise with the Microsoft security stack, including: Microsoft Sentinel (SIEM/SOAR) Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365 Microsoft Entra ID (Azure AD) Microsoft Purview (compliance and data protection) Strong knowledge of attacker tactics and techniques (MITRE ATT More ❯

operations stay one step ahead of emerging threats. What You’ll Do Lead the creation and optimization of detection rules, alerting logic, and use cases across SIEM, EDR, and SOAR platforms. Analyze and investigate alerts across cloud and on-prem infrastructures to identify real threats and eliminate false positives. Strengthen visibility across Azure, AWS, and GCP environments, ensuring comprehensive monitoring More ❯

operations stay one step ahead of emerging threats. What You’ll Do Lead the creation and optimization of detection rules, alerting logic, and use cases across SIEM, EDR, and SOAR platforms. Analyze and investigate alerts across cloud and on-prem infrastructures to identify real threats and eliminate false positives. Strengthen visibility across Azure, AWS, and GCP environments, ensuring comprehensive monitoring More ❯

operations stay one step ahead of emerging threats. What You’ll Do Lead the creation and optimization of detection rules, alerting logic, and use cases across SIEM, EDR, and SOAR platforms. Analyze and investigate alerts across cloud and on-prem infrastructures to identify real threats and eliminate false positives. Strengthen visibility across Azure, AWS, and GCP environments, ensuring comprehensive monitoring More ❯

etc. Microsoft O365 products (Excel, PowerPoint, etc.) Collaboration and communication skills across multiple teams and businesses. Good-to-Have Skills Palo Alto Firewall, F5 LTM, F5 GTM SIEM and SOAR tools (Splunk, Cribl, PAN Cortex) Powershell Python Scripting Power BI and Power Automate. More ❯

etc. Microsoft O365 products (Excel, PowerPoint, etc.) Collaboration and communication skills across multiple teams and businesses. Good-to-Have Skills Palo Alto Firewall, F5 LTM, F5 GTM SIEM and SOAR tools (Splunk, Cribl, PAN Cortex) Powershell Python Scripting Power BI and Power Automate. More ❯

etc. Microsoft O365 products (Excel, PowerPoint, etc.) Collaboration and communication skills across multiple teams and businesses. Good-to-Have Skills Palo Alto Firewall, F5 LTM, F5 GTM SIEM and SOAR tools (Splunk, Cribl, PAN Cortex) Powershell Python Scripting Power BI and Power Automate. More ❯

cyber incident response Strong background in forensic analysis across Windows, MacOS, and Unix systems Experience in large-scale corporate environments, ideally with Microsoft Azure Proficiency in tools like EDR, SOAR, SIEM, and scripting languages (Python, PowerShell) Calm, analytical mindset with the ability to lead technical investigations under pressure Bonus: Experience with static and dynamic file/malware triage Why Tesco More ❯

cyber incident response Strong background in forensic analysis across Windows, MacOS, and Unix systems Experience in large-scale corporate environments, ideally with Microsoft Azure Proficiency in tools like EDR, SOAR, SIEM, and scripting languages (Python, PowerShell) Calm, analytical mindset with the ability to lead technical investigations under pressure Bonus: Experience with static and dynamic file/malware triage Why Tesco More ❯

cyber incident response Strong background in forensic analysis across Windows, MacOS, and Unix systems Experience in large-scale corporate environments, ideally with Microsoft Azure Proficiency in tools like EDR, SOAR, SIEM, and scripting languages (Python, PowerShell) Calm, analytical mindset with the ability to lead technical investigations under pressure Bonus: Experience with static and dynamic file/malware triage Why Tesco More ❯

threats, malware, and security analytics Experience (5+ years) in cyber security roles preferred Desirable certifications: CISSP, CISM, CCSP, CRISC (or equivalent) Experience across areas such as AD, PKI, SIEM, SOAR, cryptography, or virtualization (VMware) Eligibility for SC Clearance is mandatory. Eligibility to work in the UK is essential. Robert Walters Operations Limited is an employment business and employment agency and More ❯

and inclusion • Paid training and certification pathways with clear routes into consultancy or leadership What You’ll Be Doing • Designing, deploying and maintaining core SOC technologies including SIEM, EDR, SOAR, threat intelligence and logging infrastructure • Developing and refining detection use cases, correlation rules and analytics content • Building automation workflows and integrations through scripting or automation platforms • Collaborating with SOC analysts … security across Azure, AWS and M365 • Strong grasp of network, system and identity security fundamentals • Analytical mindset and passion for problem solving and continuous improvement Desirable Experience • Experience with SOAR platforms such as Microsoft Sentinel Automation, Cortex XSOAR or Splunk SOAR • Knowledge of MITRE ATT&CK mapping and detection engineering frameworks • Experience using Infrastructure as Code such as Terraform, Bicep More ❯

and inclusion • Paid training and certification pathways with clear routes into consultancy or leadership What You’ll Be Doing • Designing, deploying and maintaining core SOC technologies including SIEM, EDR, SOAR, threat intelligence and logging infrastructure • Developing and refining detection use cases, correlation rules and analytics content • Building automation workflows and integrations through scripting or automation platforms • Collaborating with SOC analysts … security across Azure, AWS and M365 • Strong grasp of network, system and identity security fundamentals • Analytical mindset and passion for problem solving and continuous improvement Desirable Experience • Experience with SOAR platforms such as Microsoft Sentinel Automation, Cortex XSOAR or Splunk SOAR • Knowledge of MITRE ATT&CK mapping and detection engineering frameworks • Experience using Infrastructure as Code such as Terraform, Bicep More ❯

4+ years of experience with endpoint platforms, including hands-on work with forensics, EDR/SIEM, and incident response systems. Familiarity with the security operations landscape, including SIEM, XDR, SOAR, ASM, and SOC workflows. Experience in building SOC workflows, supporting incident response, and integrating security tools into enterprise environments. At least 2 years of hands-on experience with one or More ❯

Up to £78,500 (DOE) + Bonus Working arrangement: Hybrid Office Location: Portsmouth As a Senior Security Engineer, you will: Design, deploy, and maintain core SOC technologies (SIEM, EDR, SOAR, threat intelligence, and logging infrastructure). Develop and optimise detection use cases, correlation rules, and analytics content. Build and maintain automation workflows and integrations using automation platforms or custom scripting. … and cloud security (Azure, AWS, or M365). Solid understanding of network, system, and identity security fundamentals. Excellent problem-solving skills and a passion for continuous improvement. Experience with SOAR platforms (e.g., Microsoft Sentinel Automation, Cortex XSOAR, Splunk SOAR). Knowledge of MITRE ATT&CK mapping and detection engineering frameworks. Infrastructure-as-Code experience (Terraform, Bicep, or ARM templates). More ❯

Up to £78,500 (DOE) + Bonus Working arrangement: Hybrid Office Location: Portsmouth As a Senior Security Engineer, you will: Design, deploy, and maintain core SOC technologies (SIEM, EDR, SOAR, threat intelligence, and logging infrastructure). Develop and optimise detection use cases, correlation rules, and analytics content. Build and maintain automation workflows and integrations using automation platforms or custom scripting. … and cloud security (Azure, AWS, or M365). Solid understanding of network, system, and identity security fundamentals. Excellent problem-solving skills and a passion for continuous improvement. Experience with SOAR platforms (e.g., Microsoft Sentinel Automation, Cortex XSOAR, Splunk SOAR). Knowledge of MITRE ATT&CK mapping and detection engineering frameworks. Infrastructure-as-Code experience (Terraform, Bicep, or ARM templates). More ❯

strongly preferred). Expertise in IAM technologies (SailPoint, Okta, Azure AD, CyberArk, Ping Identity), DLP platforms (Symantec, Microsoft Purview, Forcepoint, Digital Guardian), and security engineering tools (EDR, CSPM, SIEM, SOAR, vulnerability management). Strong knowledge of Zero Trust, data protection regulations (GDPR, FCA, PRA), cloud-native security, and DevSecOps practices. Exceptional leadership, communication, and stakeholder engagement skills, with the ability More ❯

level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge More ❯

level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge More ❯