1 to 25 of 26 Remote SOAR Jobs in the UK

In 2022 we built out an exciting SIEM/SOAR and ManagedDetection and Response service called SEP2.security, built upon Google CloudSecurity's Chronicle stack. Due to customer demand, we are now looking to hire aPrincipal Cyber Security Engineer to join this every growing team. The Security Intelligence Services team, that this role issituated in, provides security monitoring and use case … customer facing situations. Qualifications and Experience Experienceas a Cyber SOC Analyst/or similar role. Provenexperience in deploying SIEM (Security Information and Event Management)and SOAR (Security orchestration, automation, and response) solutions toachieve positive outcomes. Our tools include Google ChronicleSIEM/Siemplify SOAR and LogRhythm, but experience with other platformssuch as Microsoft Sentinel, Splunk, Qradar, or Humio/Logscale is More ❯

Cloud technologies ESSENTIAL Other requirements: Proven experience with Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft Purview in real-world environments. Strong understanding of cloud security architecture, SIEM/SOAR, compliance frameworks (e.g., ISO 27001, NIST, GDPR), and data protection. Familiarity with Azure, Microsoft 365, and hybrid cloud environments. Understanding of security operations, incident response, and threat intelligence. CORE COMPETENCIES More ❯

cyber incident response Strong background in forensic analysis across Windows, MacOS, and Unix systems Experience in large-scale corporate environments, ideally with Microsoft Azure Proficiency in tools like EDR, SOAR, SIEM, and scripting languages (Python, PowerShell) Calm, analytical mindset with the ability to lead technical investigations under pressure Bonus: Experience with static and dynamic file/malware triage Why Tesco More ❯

cyber incident response Strong background in forensic analysis across Windows, MacOS, and Unix systems Experience in large-scale corporate environments, ideally with Microsoft Azure Proficiency in tools like EDR, SOAR, SIEM, and scripting languages (Python, PowerShell) Calm, analytical mindset with the ability to lead technical investigations under pressure Bonus: Experience with static and dynamic file/malware triage Why Tesco More ❯

cyber incident response Strong background in forensic analysis across Windows, MacOS, and Unix systems Experience in large-scale corporate environments, ideally with Microsoft Azure Proficiency in tools like EDR, SOAR, SIEM, and scripting languages (Python, PowerShell) Calm, analytical mindset with the ability to lead technical investigations under pressure Bonus: Experience with static and dynamic file/malware triage Why Tesco More ❯

cyber incident response Strong background in forensic analysis across Windows, MacOS, and Unix systems Experience in large-scale corporate environments, ideally with Microsoft Azure Proficiency in tools like EDR, SOAR, SIEM, and scripting languages (Python, PowerShell) Calm, analytical mindset with the ability to lead technical investigations under pressure Bonus: Experience with static and dynamic file/malware triage Why Tesco More ❯

cyber incident response Strong background in forensic analysis across Windows, MacOS, and Unix systems Experience in large-scale corporate environments, ideally with Microsoft Azure Proficiency in tools like EDR, SOAR, SIEM, and scripting languages (Python, PowerShell) Calm, analytical mindset with the ability to lead technical investigations under pressure Bonus: Experience with static and dynamic file/malware triage Why Tesco More ❯

detection engineering efforts. Strong background in forensic analysis across Windows, MacOS, and Unix systems Experience in large-scale corporate environments, ideally with Microsoft Azure Proficiency in tools like EDR, SOAR, SIEM, and scripting languages (Python, PowerShell) Calm, analytical mindset with the ability to lead technical investigations under pressure Bonus: Experience with static and dynamic file/malware triage At Tesco More ❯

and energy innovation. Key Responsibilities: Lead the architecture and design of ServiceNow SecOps modules (Security Incident Response, Vulnerability Response, Threat Intelligence, etc.). Integrate ServiceNow with cybersecurity tools (SIEM, SOAR, EDR, CMDB, OT/ICS). Work with cybersecurity, IT, and engineering teams to automate and improve response workflows. Define and deliver the SecOps roadmap and best practices for multiple More ❯

architecture role. Background working with or for a VAR, Systems Integrator, or Security Vendor highly desirable . Technical Expertise Strong understanding of enterprise security technologies, including firewalls, SIEM/SOAR, IAM, DLP, SASE, Zero Trust, and cloud security. Working knowledge of AWS, Azure, and GCP security services. Broad understanding of networking, virtualisation, and enterprise infrastructure. CISSP, CCSP, or equivalent security More ❯

and inclusion • Paid training and certification pathways with clear routes into consultancy or leadership What You’ll Be Doing • Designing, deploying and maintaining core SOC technologies including SIEM, EDR, SOAR, threat intelligence and logging infrastructure • Developing and refining detection use cases, correlation rules and analytics content • Building automation workflows and integrations through scripting or automation platforms • Collaborating with SOC analysts … security across Azure, AWS and M365 • Strong grasp of network, system and identity security fundamentals • Analytical mindset and passion for problem solving and continuous improvement Desirable Experience • Experience with SOAR platforms such as Microsoft Sentinel Automation, Cortex XSOAR or Splunk SOAR • Knowledge of MITRE ATT&CK mapping and detection engineering frameworks • Experience using Infrastructure as Code such as Terraform, Bicep More ❯

practices, application security tooling (SAST/SCA/DAST), cloud security (CSPM/CIEM/CNAPP), and infrastructure hardening. Incident Detection & Response : Strong skills in threat detection, SIEM/SOAR, incident response, and achieving low MTTD/MTTR; experience with purple teaming and tabletop exercises. Network Security : Understanding of routing security principles (BGP/RPKI), network segmentation and DDoS mitigation More ❯

Security Operations working within or alongside Security Operations Centre(s). Experience working in all hyperscaler environments, preferably holding Professional Cloud Architect or equivalent Certification. Experience with multiple SIEM & SOAR Tooling, preferably Google SecOps (formerly Chronicle/Simplify). Strong written, verbal and presentation skills. Excellent communication and interpersonal skills, with the ability to build strong relationships with clients and More ❯

experience leading and managing technical teams. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO/IEC 27001, IAM). Proficiency with cybersecurity tools and platforms (e.g., SIEM, SOAR, SAS, Sandboxes, EDR solutions and cloud technologies). Working of knowledge of access control principles, cloud technologies (CNAPP, CSPM), data retention, and encryption methodologies. Excellent problem-solving, investigative mindset, and More ❯

operations, insider threat programs, or related investigative/analytical roles (SOC, threat detection, or risk analysis). Hands-on experience with tools such as SIEM, DLP, UEBA, EDR, or SOAR . Strong understanding of data protection, behavioral analysis, and incident response principles. Experience managing sensitive investigations with HR, Legal, or Compliance teams. Knowledge of privacy and regulatory frameworks (GDPR, HIPAA More ❯

resilient, resourceful, and relentless in your pursuit of product excellence. As a bonus, you understand and have built integrations for popular cybersecurity partner solutions, such as Splunk Enterprise, Splunk SOAR, Palo Alto Networks Cortex XSOAR, Microsoft Sentinel, Google SecOps, and/or others. About Dataminr At Dataminr, we are a mission driven team of talented builders, creators and visionaries who More ❯

through both predictive and reactive analysis, articulating emerging trends to leadership and staff. Use data collected from Cyber Defence tools firewalls, IDS, network traffic, UEBA (User Entity Behaviour Analysis), Security Orchestration and Automated Response (SOAR) etc. to analyse events that occur within the environments. Respond to and correlate alerts from various detective and preventative Cyber Security tools such as Security More ❯

who enjoys building, optimising, and automating SOC infrastructure. This role sits within a growing Cyber Defence operation where you’ll help design and maintain the platforms behind SIEM, EDR, SOAR, and threat intelligence tooling, improving detection coverage and enabling analysts to respond faster. Key responsibilities: Engineer and maintain SIEM, EDR, SOAR, and logging platforms. Develop automation and integrations using scripting … platforms such as Sentinel, Splunk, Defender, or Elastic. Scripting/automation ability (PowerShell, KQL, Python, etc.). Understanding of Azure/AWS cloud and network fundamentals. Desirable: Experience with SOAR tools or Infrastructure-as-Code (Terraform, Bicep, ARM). Knowledge of MITRE ATT&CK mapping or threat detection frameworks. What’s in it for you: Flexible hybrid working, paid certifications More ❯

for one or more of the following vendors: Fortinet, Palo Alto, Juniper, Cisco, Netskope, Zscaler, CrowdStrike. We would also love to receive applications from people with skills solutioning SIEM, SOAR, or Managed Security Services (experience in DDoS, WAF, IDAM, EDR, MDM or Vulnerability Management is a plus). We are also interested to hear from candidates with operational expertise in More ❯

Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR platform, creating automated workflows and improving response efficiency. Perform digital forensics investigations, analysing logs, network data, and system artefacts to determine root causes. Participate in cyber crisis simulation exercises and … related discipline, or equivalent professional experience. Industry-recognised certifications such as CISSP, GIAC/GCIA/GCIH, AZ-500, CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS/IPS, NAC, DLP, and related security technologies. Familiarity with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO/IEC 27001/27002. Hands-on experience More ❯

Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR platform, creating automated workflows and improving response efficiency. Perform digital forensics investigations, analysing logs, network data, and system artefacts to determine root causes. Participate in cyber crisis simulation exercises and … related discipline, or equivalent professional experience. Industry-recognised certifications such as CISSP, GIAC/GCIA/GCIH, AZ-500, CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS/IPS, NAC, DLP, and related security technologies. Familiarity with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO/IEC 27001/27002. Hands-on experience More ❯

and efficiency of our Security Operations Centre (SOC). This role is perfect for someone who thrives on solving complex technical challenges, enjoys working with tools like Splunk and SOAR, and wants to contribute to a mission that truly matters. Salary : Circa £50,000 – £60,000 depending on experience Dynamic (hybrid) working :2 days per week on-site due to … threat landscape. Key responsibilities include; Act as the subject matter expert (SME) for Splunk across all cyber security and observability use cases. Lead SOC automation initiatives using scripting and SOAR tools, optimising processes through AI and ML technologies. Support alert tuning, connectivity, and visibility across monitored networks and infrastructure. Maintain and document SOC integrations, ensuring accurate configuration and performance visibility. More ❯

and efficiency of our Security Operations Centre (SOC). This role is perfect for someone who thrives on solving complex technical challenges, enjoys working with tools like Splunk and SOAR, and wants to contribute to a mission that truly matters. Salary : Circa £50,000 - £60,000 depending on experience Dynamic (hybrid) working : 2 days per week on-site due to … threat landscape. Key responsibilities include; Act as the subject matter expert (SME) for Splunk across all cyber security and observability use cases. Lead SOC automation initiatives using scripting and SOAR tools, optimising processes through AI and ML technologies. Support alert tuning, connectivity, and visibility across monitored networks and infrastructure. Maintain and document SOC integrations, ensuring accurate configuration and performance visibility. More ❯

across the entire IT estate. Familiarity with endpoint protection platforms and vulnerability management tools. Experience securing hybrid identity solutions and federated authentication models Understanding of security automation concepts, including security orchestration and response (SOAR) including ability to script or automate repetitive tasks. Experience producing security artefacts and configuration documentation, including risk assessments, security design records, hardening standards, control implementation guides More ❯

We are looking to recruit an experienced Microsoft Cyber Security Analyst who has a wealth of practical experience Sentinel, Defender and SOAR Automation with a good understanding of applying Cyber Security tools in a Microsoft based Cloud infrastructure. On this contract you will be a key member of the team responsible for securing our clients digital infrastructure. As the Microsoft … Cyber Security Analyst you will responsible for the implementation, configuration and optimisation of Microsoft Sentinel, Microsoft Defender and SOAR Playbook automation and deployment. You will also need to be proficient in the use of KQL. In this role you will be the Microsoft Cyber Security SME and will be key to creating a secure Azure based Cloud infrastructure. You will More ❯