25 of 25 Remote SOAR Jobs in the UK

software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall … stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration … for post-contract continuity. Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience More ❯

software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall … stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration … for post-contract continuity. Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience More ❯

software delivery lifecycle. A key part of this position will also involve mentoring an internal engineer, developing structured security policies, and managing Sentinel, Defender and SOAR solutions for automated threat response. Additionally, the role requires liaising with third-party support partners to coordinate security solutions, manage incidents, and enhance overall … stage. Cloud Security Implementation: Leverage Azure Security Centre, Microsoft Defender for Cloud, and Microsoft Sentinel for advanced security monitoring. Threat Detection & SOAR Automation: Oversee Security Orchestration, Automation, and Response (SOAR) solutions including SOC Prime. Network & Application Security: Manage Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS). Vulnerability & Penetration … for post-contract continuity. Required Strong expertise in Azure cloud security, Microsoft Defender, and Microsoft Sentinel. Proven experience in SOAR technologies for security automation and response orchestration. Hands-on experience with penetration testing, vulnerability assessments, and security scanning. Experience implementing and managing WAF, IPS, and DNS security solutions. Extensive experience More ❯

You’ll Bring 5+ years in cybersecurity operations, with at least 2 years in a leadership role Strong hands-on knowledge of SIEM, EDR, SOAR, IDS/IPS, firewalls, and cloud security Deep understanding of MITRE ATT&CK, NIST, ISO 27001, CIS frameworks Proven experience in incident response, threat intelligence More ❯

management and threat protection Security automation and DevSecOps integration Security Operations SOC transformation and cloud-native security ops Threat detection with XDR, NDR, and SOAR platforms Incident response planning and threat intelligence integration Regulatory alignment for DORA, NIS2, and UK-specific mandates Risk frameworks tailored by industry (FS, critical infrastructure More ❯

have some of the following skills and experience: Experience in Cyber Threat Intelligence Experience in Threat Hunting Experience with the Microsoft Sentinel SIEM/SOAR platform Proficient in writing KQL Strong understanding of threat intelligence principles and practices. Strong understanding of security risk management Understanding of threat modelling Knowledge of More ❯

effective security operations processes, ensuring continuous improvement across security tools and services. • Support an effective security operations environment using tools such as Microsoft Sentinel, SOAR, EDR/XDR, and PAM. • Achieve reductions in repetitive alerts and improve the time taken to investigate and resolve incidents. Proactive Risk Remediation: • Identify, analyse More ❯

etc). An understanding of cloud-native infrastructure (e.g. microservices, containerisation, Kubernetes, serverless computing). An understanding and/or experience with SIEM, SOAR and EDR. Knowledge and/or understanding of data and analytics in terms of cybersecurity implications. Missing skills? Let us be the judge! BMT are passionate More ❯

Current experience working with a SOC environment Microsoft Sentinel: Development and tuning of custom analytic rules. Workbook creation and dashboarding. Automation using Playbooks and SOAR integration. Kusto Query Language (KQL): Writing complex, efficient queries for advanced threat hunting and detection. Correlating data across key tables (e.g., SignInLogs, SecurityEvent, OfficeActivity, DeviceEvents More ❯

with commercial threat intelligence and/or vulnerability tooling and systems i.e., Recorded Future, Tenable, Panaseer or similar solutions, Threat Intelligence platforms, SIEM and SOAR environments, and the development or implementation of new security tooling and dashboards. Security knowledge and experience : Professional experience in cyber security, specifically threat intelligence, incident More ❯

to threats, investigation, and triage of day-to-day security events. Key requirements Experience in deploying security related IaC projects at scale. Familiarity with SOAR and optimisation of Security Controls using automation. Experience working with multi cloud environments (specifically AWS and Azure). Incident response and threat hunting experience. Strong More ❯

protocols, and standards. Proficiency with DevOps and DevSecOps tools (e.g. GitLab CI/CD, Ansible, Terraform). Experience with security tools like SIEM/SOAR (preferably Rapid7), IDS/IPS, vulnerability scanners, and code analysis tools (SonarCloud, Snyk, Chekov) Strong knowledge of network security, encryption, identity and access management, and More ❯

helping customers get the most out of the platform’s capabilities. If you’ve got solid knowledge of the cyber ecosystem (think SIEM, EDR, SOAR, AD, firewalls, etc.) and a knack for digging into insider threat scenarios, read on. What you’ll be doing: Leading threat detection and response projects More ❯

will be responsible for the delivery of SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell) and have experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools for data enrichment. … tools and platforms (e.g. Azure, AWS Google Cloud) and their integration into SOC operations. Experience using Microsoft Sentinel SIEM. Other vendor-specific certifications for SOAR platforms (e.g. Splunk SOAR, Palo Alto Cortex XSOAR). Experience contributing to large-scale, sprint-based, security automation and detection engineering projects. "Nice To Have More ❯

objectives Skills and experience we are looking for in our Information Security Officer: Proficiency in security domains, tools and technologies such as DLP, SIEM, SOAR and Vulnerability Management Good working knowledge of network security, firewalls, threat management, endpoint detection and response Ability to identify, assess, and mitigate security risks and More ❯

objectives Skills and experience we are looking for in our Information Security Officer: Proficiency in security domains, tools and technologies such as DLP, SIEM, SOAR and Vulnerability Management Good working knowledge of network security, firewalls, threat management, endpoint detection and response Ability to identify, assess, and mitigate security risks and More ❯

with bespoke security monitoring and detection methodologies (Detection Logic) Hands-on experience with Google SecOps Platform Engineering & Maintenance Experience with Google SecOps SIEM and SOAR capabilities Splunk SIEM platform experience is desirable Location This is a home-based role, with occasional travel to the local office as needed. About Us More ❯

OT monitoring solutions. Build OT-specific detection and response capabilities, including custom playbooks. Technology Implementation Oversee global deployment of SIEM (e.g., Splunk, Graylog, Wazuh), SOAR, EDR, and Threat Intel platforms. Vendor & Team Management Act as the primary contact for the outsourced SOC provider; manage SLAs and vendor performance. Build and … NIST, ISO, GDPR). Stay ahead of evolving cyber threats and trends. Ideal Candidate Strong Linux and open-source experience. Technical expertise with SIEM, SOAR, EDR, and OT protocols Familiar with SCADA/ICS environments and MITRE ATT&CK framework. Skilled in incident response, threat hunting, SLA management, and executive More ❯

OT monitoring solutions. Build OT-specific detection and response capabilities, including custom playbooks. Technology Implementation Oversee global deployment of SIEM (e.g., Splunk, Graylog, Wazuh), SOAR, EDR, and Threat Intel platforms. Vendor & Team Management Act as the primary contact for the outsourced SOC provider; manage SLAs and vendor performance. Build and … NIST, ISO, GDPR). Stay ahead of evolving cyber threats and trends. Ideal Candidate Strong Linux and open-source experience. Technical expertise with SIEM, SOAR, EDR, and OT protocols Familiar with SCADA/ICS environments and MITRE ATT&CK framework. Skilled in incident response, threat hunting, SLA management, and executive More ❯

threat intelligence Strong technical foundation and understanding of security concepts, solutions and technologies; experience with enterprise security services such as EDR, SIEM technologies, and SOAR platforms is essential Familiarity with frameworks such as MITRE ATT&CK and how to utilise them in the assessment of detection capabilities and coverage Skilled … have a strong technical foundation and understanding of security concepts, solutions and technologies; experience with enterprise security services such as EDR, SIEM technologies, and SOAR platforms? Select Please note that this is essential for success in this role. Do you have at least 5+ years of hands-on, in-depth More ❯

GSOC) helps defend KPMG and its clients from cyber-attacks, through timely detection, investigation and remediation of potential threats. What will you be doing? SOAR Playbook Development, Programming new API Integrations, developing new automation tasks and maintenance. Responsible for installation, management, maintenance, and support of GSOC tools hosted on multiple … Amazing Extras: Preferred experience in a Security Operations environment Preferred experience with recognized SIEM solutions, preferably Azure Sentinel Preferred experience with developing and configuring SOAR tools such as XSOAR or Azure Logic Apps with Azure Functions Preferred experience with Query Languages, preferably KQL Preferred a good working knowledge of Microsoft More ❯

in creation and maintenance of security processes, playbooks, and documentation to standardise SOC operations. Design and implement automation workflows and integrations using Logic Apps, SOAR platforms, and scripting to enhance SOC efficiency. Assist in the monitoring and investigation of security alerts when required, supporting the SOC team. Contribute to the … security monitoring. Experience in developing KQL queries, custom detection rules. Familiarity with automation and integration tools such as Logic Apps, Power Automate, or other SOAR platforms. Knowledge of cloud security, particularly Azure, AWS, and Google Cloud. Excellent documentation skills and process-building capabilities. Great communication skills and ability to work More ❯

Company Description: About Us McDonald's has run its business in the UK since 1974 and currently operates over 1500 restaurants across the UK and Ireland, serving almost four million customers each day. McDonald's is one of the UK More ❯

monitoring, SIEM, and endpoint detection. About the role: You will develop and maintain infrastructure supporting Jisc's security services, focusing on managing our SIEM, SOAR, and threat intelligence platforms, and collaborating with threat intelligence teams to automate and enhance these systems. Key responsibilities include: Developing and maintaining security platforms and … Documenting processes in line with standards Driving continuous technological improvements Representing Jisc externally at conferences and taskforces Key skills and experience: Experience with SIEM, SOAR, and threat intelligence platforms Operational experience in network services or cybersecurity Designing and deploying technical solutions Knowledge of IaaS, SaaS, Linux server administration Experience with More ❯

the IT Security Officer, to implement and maintain robust security across their infrastructure. Key responsibilities include managing WAF/DDoS, security gateways, SIEM/SOAR/EDR, firewalls, MFA/SSO, MDM/MAM, vulnerability scans, and incident response. Key Responsibilities: Manage WAF/DDoS, web/email security gateways … SIEM/SOAR/EDR (alert response), firewalls, MFA/SSO, MDM/MAM, vulnerability scans/remediation, security certificates, IDS/IPS, PAM, and deliver security awareness training. Remediate penetration test findings and contribute to ad-hoc projects. Essential Experience: Strong knowledge of CrowdStrike EDR, Mimecast, Duo, Okta, Rapid7 More ❯