1 to 25 of 38 SOAR Jobs in the UK

Essential but a Bonus) Terraform/Ansible (desirable, not required) Cloud security exposure (Azure, AWS, GCP) Threat intel platform experience Experience tuning SIEM/SOAR playbooks CI/CD pipeline security (GitHub Actions, Jenkins, GitLab) Digital forensics knowledge Certifications: Security+, CySA+, GCIH, GCIA, CISSP, CISM, OSCP, CCSP ...

Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. Infrastructure Hardening: Enforce secure baselines across virtualized environments (VMware/ ...

inform detection strategies. Maintain detailed incident records and conduct post-incident reviews. Technical Skills Hands-on experience with SIEM, EDR, IDS/IPS, and SOAR platforms. Strong knowledge of operating systems (Windows, Linux), network protocols, and packet analysis tools. Familiarity with scripting languages (Python, Bash, PowerShell). Experience with cloud ...

Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. Infrastructure Hardening: Enforce secure baselines across virtualized environments (VMware/ ...

highly desirable. Experience with security automation and orchestration, including the use of scripting languages (such as PowerShell or Python) and SOAR platforms to streamline incident response, automate repetitive tasks, and enhance overall security operations. Strong knowledge of security technologies (e.g., firewalls, IDS/IPS, EDR, SIEM) Technical bachelor’s degree ...

Cloud, Azure) Active Directory, Group Policies, PowerShell Endpoint protection applications (Antivirus, Web Filtering, ATP, Encryption) IDP/IPS Systems SIEM tools (such as Splunk) SOAR is an added advantage Knowledge of malware capabilities, attack vectors and impact. Knowledge of the MITRE ATT&CK framework to understand threat actors and ...

identify trends, and deliver actionable security insights. Strong track record in threat detection, incident management, and escalation handling. Hands-on experience managing SIEM and SOAR platforms such as Splunk, Microsoft Sentinel, or Elastic. Skilled in coaching analysts, building high-performing teams, and managing effective shift models. Confident communicator with ...

Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies ...

insight into IT architecture, hybrid/cloud models, and security methodologies. Advice on security tooling includes Firewalls, IDS/IPS, CDN, Endpoint Protection, SIEM, SOAR, DLP, PKI and cryptography. Provide security guidance for cloud models such as IaaS, PaaS, SaaS, CASB, Zero Trust and micro-segmentation. Demonstrate a strong understanding ...

guidance What We’re Looking For Strong experience in cyber security operations, engineering, or incident response Hands-on expertise with Defender, Sentinel (SIEM/SOAR), Tenable, CASB, and cloud security (AWS/Azure) Experience delivering security improvements and technical control implementation PowerShell or automation scripting skills Solid understanding of frameworks ...

understanding of cloud security (IaaS, PaaS, SaaS, CASB, Zero Trust, micro-segmentation) Broad knowledge of security technologies (firewalls, IDS/IPS, endpoint protection, SIEM, SOAR, DLP, PKI, cryptography) Solid understanding of IAM concepts (RBAC, ABAC, PAM, SSO) Strong analytical skills with the ability to interpret complex technical information Good understanding ...

firewall management and security principles. Experience with security monitoring tools such as PRTG, Nagios and backup solutions like Veeam is beneficial, as with SIEM & SOAR technologies such as Elastic, Splunk, Phantom Virtualisation & Automation : Knowledge of virtualisation technologies like VMWare, Hyper-V, and Proxmox, along with experience in PowerShell, Python, Ansible ...

need from you? Deep expertise in securing cloud platforms (AWS, Azure, GCP) with a focus on financial services Proven experience with tools like SIEM, SOAR, IDS/IPS, and cloud-native security solutions Strong understanding of encryption protocols, key management systems, and IAM best practices Hands-on experience with container ...

Owners Support projects such as: Firewall migrations, data centre moves, cloud connectivity, segmentation initiatives Zero Trust or least privilege initiatives Integration with SIEM/SOAR tooling Required Skills: Strong hands-on experience administering Palo Alto NGFWs in enterprise environments Proven experience with Panorama for centralised policy and device management Understanding ...

related services. Integrate security into DevOps pipelines, CI/CD, infrastructure-as-code, and container workflows. Automate threat detection and response using Microsoft Sentinel SOAR, custom playbooks, and telemetry pipelines. Platform Security Oversight Own and optimise endpoint security through Intune, ensuring device compliance and integration with Zero Trust. Harden ...

Azure and AWS (GCP desirable). Develop Infrastructure-as-Code using Terraform, Ansible, or similar tools. Build and maintain security integrations between SIEM, SOAR, EDR/XDR, and case management systems. Embed security into CI/CD pipelines and support secure SDLC practices, including container and application security. Enhance ...

follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve as an escalation ...

Microsoft Sentinel, including log onboarding, connectors, parsers, and data normalisation Monitoring and optimising Sentinel and Defender licensing and ingestion costs Designing automated response and SOAR workflows using Sentinel playbooks Leading complex incident investigations and advanced threat response Proactive threat hunting using KQL and developing custom detections aligned to MITRE ...

and Python). Experience with PAM concepts, access control models, and security frameworks (e.g., NIST, ISO 27001, CIS). Experience integrating PAM with SIEM, SOAR, and DevOps pipelines. Architectural and solution design skills, enterprise-scale PAM deployments. Cloud certifications, such as AWS Certified Security, Azure Security Engineer or Google Cloud ...

Manage the full content lifecycle: design test deploy monitor tune retire, with version control and rollback. Automate workflows and configurations using CI/CD, SOAR, scripting and IaC tools (Terraform, Ansible). Ensure platform performance, stability and reliability, including capacity planning, high availability, disaster recovery and proactive monitoring. What ...

role, you should have: 7+ years of sales experience in IT/Cyber Security Experience in selling cybersecurity technologies and solutions such as SIEM, SOAR, Threat Intelligence, BAS, Threat Hunting, EDR, NDR, cloud security, and vulnerability management Understanding of SaaS/Cloud Go-to-market Proven track record of success ...

Identity Track record of delivering measurable security outcomes (e.g., zero-trust implementation, faster detection/response, platform adoption) Hands-on expertise in SIEM/SOAR, XDR, cloud security, incident response, or related areas Experience with Microsoft Azure and MDR/XDR platforms, including email security tooling Strong leadership, coaching, and ...

Strong communicator who can simplify complex intelligence concepts Experience engaging directly with enterprise customers Bonus: Experience with OSINT, vendor risk, cyber analytics, SIEM/SOAR or intelligence platforms Leadership Qualities Product thinker who can switch between strategy and detail Highly structured in prioritisation, problem definition and delivery Empathetic communicator and ...

Tech Environment You’ll work across modern security tooling including: SIEM (Rapid7), XDR (SentinelOne), Fortinet firewalling, vulnerability management, PAM (Delinea), ZTNA/SSE (Netskope), SOAR, automation (Terraform/Ansible) and cloud security platforms. What we’re looking for Strong consultancy background with excellent client‐facing skills. Experience leading cyber security ...

investigation, response, and escalation Build and mature operational playbooks, workflows, and runbooks to improve consistency and speed of response Shape the use of SIEM, SOAR, EDR, and threat intelligence to improve signal quality and reduce manual effort Establish and track meaningful operational metrics (e.g. detection coverage, MTTR, alert quality ...