1 to 25 of 35 SOAR Jobs in the UK

Essential but a Bonus) Terraform/Ansible (desirable, not required) Cloud security exposure (Azure, AWS, GCP) Threat intel platform experience Experience tuning SIEM/SOAR playbooks CI/CD pipeline security (GitHub Actions, Jenkins, GitLab) Digital forensics knowledge Certifications: Security+, CySA+, GCIH, GCIA, CISSP, CISM, OSCP, CCSP ...

highly desirable. * Experience with security automation and orchestration, including the use of scripting languages (such as PowerShell or Python) and SOAR platforms to streamline incident response, automate repetitive tasks, and enhance overall security operations. * Strong knowledge of security technologies (e.g., firewalls, IDS/IPS, EDR, SIEM) * Technical bachelor's degree ...

highly desirable. Experience with security automation and orchestration, including the use of scripting languages (such as PowerShell or Python) and SOAR platforms to streamline incident response, automate repetitive tasks, and enhance overall security operations. Strong knowledge of security technologies (e.g., firewalls, IDS/IPS, EDR, SIEM) Technical bachelor’s degree ...

Cloud, Azure) Active Directory, Group Policies, PowerShell Endpoint protection applications (Antivirus, Web Filtering, ATP, Encryption) IDP/IPS Systems SIEM tools (such as Splunk) SOAR is an added advantage Knowledge of malware capabilities, attack vectors and impact. Knowledge of the MITRE ATT&CK framework to understand threat actors and ...

Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies ...

Bring... 5-8 years’ experience in a security operations, incident response, or detection engineering role Strong familiarity with security monitoring platforms such as SIEM, SOAR, and threat intelligence tooling Experience writing or tuning detection logic, ideally using KQL or similar query languages Practical exposure to threat hunting and analysing security ...

Demonstrable experience with IP-based networks, WAN technologies, Windows/Linux environments, and virtual server technologies. Modern Solutions: First-hand experience with SIEM solutions, SOAR workflows, and EDR technologies like Microsoft Defender. ...

Demonstrable experience with IP-based networks, WAN technologies, Windows/Linux environments, and virtual server technologies. Modern Solutions: First-hand experience with SIEM solutions, SOAR workflows, and EDR technologies like Microsoft Defender. ...

and EDR technologies such as Microsoft Defender Demonstrable first-hand experience with modern Security Information and Event Management (SIEM) solutions and related workflow automation (SOAR) Ability to proactively own and coordinate resolving security issues, to ensure solutions continue to meet business needs Ability to break a problem down into ...

related services. Integrate security into DevOps pipelines, CI/CD, infrastructure-as-code, and container workflows. Automate threat detection and response using Microsoft Sentinel SOAR, custom playbooks, and telemetry pipelines. Platform Security Oversight Own and optimise endpoint security through Intune, ensuring device compliance and integration with Zero Trust. Harden ...

ServiceNow SecOps modules including Security Incident Response, Vulnerability Response, Threat Intelligence, and Configuration Compliance. Lead integration of ServiceNow with key cybersecurity tools: SIEM, SOAR, EDR, CMDB, threat intelligence platforms, and OT/ICS systems. Collaborate across cybersecurity, IT, engineering, and energy operations to define secure workflows and automation for vulnerability ...

needed. Skills & Experience Required: 3+ years of experience as a SOC/Security Engineer within a cloud environment Experience with a range of SIEM, SOAR and vulnerability management tools Experience advising on security best practices and developing SOC playbooks Networking and infrastructure experience, including with Firewalls and IDS/ ...

follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve as an escalation ...

Integrate security controls into Terraform and other IaC workflows Champion shift-left practicesenabling developers to self-remediate issues during build and coding stages Build SOAR playbooks to automate response and remediation workflows Experience Requirements 3+ years in Cybersecurity and CNAP-focused roles Deep AWS security expertise: IAM, Organizations, SCPs, cloud ...

security threats and vulnerabilities. Security Solution Design and Evaluation. Researching, evaluating, and recommending security technologies, tools (e.g., firewalls, VPNs, IDS/IPS, EDR, SIEM, SOAR), and solutions to mitigate identified threats and address security needs. Policy and Procedure Development: Defining, implementing, and maintaining corporate security policies, standards, and procedures ...

responsibilities include managing MaiServers, Firewalls and Microsoft Gateways. You will be involved in Managing WAF/DDoS, web/email security gateways, SIEM/SOAR/EDR (alert response), firewalls, MFA/SSO, MDM/MAM, vulnerability scans/remediation, security certificates, IDS/IPS, PAM, and deliver security awareness ...

solutions within large enterprise environments 6+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows Hands-on technical mastery across SIEM, SOAR, EDR, cloud security, and threat intelligence Ability to conceive, architect, and develop effective correlation and detection rules Familiarity with a range of SIEM technologies, such ...

Centres (SOC), including leadership or managerial responsibilities. Strong technical knowledge of SIEM platforms such as LogRhythm, Splunk, Microsoft Sentinel, or similar. Experience working with SOAR, EDR/XDR, and threat detection technologies. Strong understanding of incident response frameworks and cybersecurity best practices. Experience managing security incidents, investigations, and response coordination. ...

security operations. Develop, optimise, and tune KQL queries for detection engineering and threat hunting. Review and enhance security configurations across cloud and SIEM/SOAR platforms. Manage engagements through architecture, deployment, tuning, documentation, and customer enablement. Identify security gaps and recommend improvements across logging, identity, endpoint hardening, cloud posture, and … misconfigurations and optimisation of security deployments. Leverage scripting, APIs, and automation to streamline repeatable tasks. Integrate firewalls, EDR platforms, logging pipelines, and SIEM/SOAR tooling. Customer & Collaboration Act as a trusted technical advisor to security and engineering stakeholders. Communicate complex technical concepts clearly to both technical and non-technical ...

documents for security solutions. Strong understanding of Security Operations/SOCs. Hyperscaler experience (AWS, Azure, GCP); Professional Cloud Architect cert preferred. SIEM/SOAR tooling (e.g., Google SecOps/Chronicle). EDR/XDR/NDR experience (e.g., Crowdstrike , Corelight, Microsoft Defender XDR). What's on Offer Permanent ...

define and measure control effectiveness Required Skills & Experience Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP Experience with SOAR playbooks, YARA rules, STIX, and YAML Participation in red/purple team exercises. Please apply within for further details - Alex Reeder Harvey Nash 3+ years … Proxy, and SEG tools Desirable Qualifications Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP Experience with SOAR playbooks, YARA rules, STIX, and YAML Participation in red/purple team exercises. Please apply within for further details - Alex Reeder Harvey Nash To From Record ...

Microsoft Security tools (Defender, Sentinel, Entra ID - Deploy Microsoft Defender modules - Endpoint, Identity, Cloud Apps & Office 365 - Implement & configure Microsoft Sentinel (SIEM/SOAR): rules, playbooks, automation, alerts - Set up Conditional Access, MFA, PIM & identity security controls in Entra ID - Design & implement Zero Trust models across users, devices & cloud workloads ...

Building high-fidelity, MITRE ATT&CK-aligned detections Designing and maintaining SIEM pipelines (CIM/ECS) Automating detection and response using CI/CD, SOAR and IaC Ensuring SIEM platforms are resilient, scalable and performant If your SIEM experience covers: Proven, hands-on experience with Splunk ES and/ ...

z2bz0 years' experience across network and security engineering (design, build, operate) Strong troubleshooting across multiple layers: Network Identity Endpoint Proxy SIEM/SOAR Hands-on automation experience (e.g., Ansible, Terraform, GitHub, Azure DevOps) Proven ITIL change leadership experience Major Incident Management (MIM) exposure Desirable Certifications CCNP/CCIE Zscaler Professional ...

develop their cyber security operations capability. The role will oversee SOC operations, threat detection, and incident response, while driving improvements across security monitoring, automation, and response processes. Key experience required: Strong experience in cyber security operations Strong experience of leading or mentoring SOC teams Strong knowledge of incident response and … threat detection Experience with SIEM platforms such as LogRhythm, Splunk, or Microsoft Sentinel Familiarity with SOAR platforms, EDR/XDR tools (eg CrowdStrike, Defender, SentinelOne) and cloud security monitoring across Azure, AWS, or GCP Understanding of frameworks such as National Institute of Standards and Technology guidance, International Organization for Standardization ...