26 to 50 of 111 SOAR Jobs in the UK

cyber incident response Strong background in forensic analysis across Windows, MacOS, and Unix systems Experience in large-scale corporate environments, ideally with Microsoft Azure Proficiency in tools like EDR, SOAR, SIEM, and scripting languages (Python, PowerShell) Calm, analytical mindset with the ability to lead technical investigations under pressure Bonus: Experience with static and dynamic file/malware triage Why Tesco More ❯

cyber incident response Strong background in forensic analysis across Windows, MacOS, and Unix systems Experience in large-scale corporate environments, ideally with Microsoft Azure Proficiency in tools like EDR, SOAR, SIEM, and scripting languages (Python, PowerShell) Calm, analytical mindset with the ability to lead technical investigations under pressure Bonus: Experience with static and dynamic file/malware triage Why Tesco More ❯

cyber incident response Strong background in forensic analysis across Windows, MacOS, and Unix systems Experience in large-scale corporate environments, ideally with Microsoft Azure Proficiency in tools like EDR, SOAR, SIEM, and scripting languages (Python, PowerShell) Calm, analytical mindset with the ability to lead technical investigations under pressure Bonus: Experience with static and dynamic file/malware triage Why Tesco More ❯

cyber incident response Strong background in forensic analysis across Windows, MacOS, and Unix systems Experience in large-scale corporate environments, ideally with Microsoft Azure Proficiency in tools like EDR, SOAR, SIEM, and scripting languages (Python, PowerShell) Calm, analytical mindset with the ability to lead technical investigations under pressure Bonus: Experience with static and dynamic file/malware triage Why Tesco More ❯

cyber incident response Strong background in forensic analysis across Windows, MacOS, and Unix systems Experience in large-scale corporate environments, ideally with Microsoft Azure Proficiency in tools like EDR, SOAR, SIEM, and scripting languages (Python, PowerShell) Calm, analytical mindset with the ability to lead technical investigations under pressure Bonus: Experience with static and dynamic file/malware triage Why Tesco More ❯

project teams, security stakeholders, and cloud architecture groups. Must-Have Skills Experience with Azure Sentinel: Deploy and manage connectivity to AWS and GitHub Debug Azure LogicApps supporting SIEM and SOAR Proficient in KQL for log analysis Expertise in Defender for Cloud: Deploy and manage Workbooks Configure Azure Policies for security posture Implement regulatory compliance templates Hands-on experience with LogicMonitor More ❯

project teams, security stakeholders, and cloud architecture groups. Must-Have Skills Experience with Azure Sentinel: Deploy and manage connectivity to AWS and GitHub Debug Azure LogicApps supporting SIEM and SOAR Proficient in KQL for log analysis Expertise in Defender for Cloud: Deploy and manage Workbooks Configure Azure Policies for security posture Implement regulatory compliance templates Hands-on experience with LogicMonitor More ❯

into policy, technical, and training improvements. Continuous Improvement and Innovation Keep abreast of emerging threats, vulnerabilities, and industry best practices. Champion innovation in security practices, tools, and automation (e.g., SOAR, XDR). Evaluate and recommend security products and services. Lead or contribute to security maturity assessments and roadmaps. TEQ- INDJS1 Disclaimer : On applying for this vacancy, you agree that your More ❯

into policy, technical, and training improvements. Continuous Improvement and Innovation Keep abreast of emerging threats, vulnerabilities, and industry best practices. Champion innovation in security practices, tools, and automation (e.g., SOAR, XDR). Evaluate and recommend security products and services. Lead or contribute to security maturity assessments and roadmaps. This is a Full time role on a temporary contract basis. If More ❯

integrating SIEM/security analytics solutions within large enterprise environments 8+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows Hands-on technical mastery across SIEM, SOAR, EDR, cloud security, and threat intelligence Ability to conceive, architect, and develop effective correlation and detection rules Familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar More ❯

Splunk —and able to go beyond dashboards to build detections, correlations, and meaningful insights. Experience centralising log sources and onboarding new tools and data feeds into a SIEM/SOAR platform. Strong understanding of threat hunting methodologies, vulnerability management, and incident response. Knowledge of frameworks: ISO27001, NIST CSF, SOC2, Cyber Essentials Plus. Comfortable adapting to unfamiliar tooling and integrating new More ❯

detection engineering efforts. Strong background in forensic analysis across Windows, MacOS, and Unix systems Experience in large-scale corporate environments, ideally with Microsoft Azure Proficiency in tools like EDR, SOAR, SIEM, and scripting languages (Python, PowerShell) Calm, analytical mindset with the ability to lead technical investigations under pressure Bonus: Experience with static and dynamic file/malware triage At Tesco More ❯

and energy innovation. Key Responsibilities: Lead the architecture and design of ServiceNow SecOps modules (Security Incident Response, Vulnerability Response, Threat Intelligence, etc.). Integrate ServiceNow with cybersecurity tools (SIEM, SOAR, EDR, CMDB, OT/ICS). Work with cybersecurity, IT, and engineering teams to automate and improve response workflows. Define and deliver the SecOps roadmap and best practices for multiple More ❯

threats, malware, and security analytics Experience (5+ years) in cyber security roles preferred Desirable certifications: CISSP, CISM, CCSP, CRISC (or equivalent) Experience across areas such as AD, PKI, SIEM, SOAR, cryptography, or virtualization (VMware) Eligibility for SC Clearance is mandatory. Eligibility to work in the UK is essential. Robert Walters Operations Limited is an employment business and employment agency and More ❯

Design and own the architecture for ServiceNow SecOps modules - including Security Incident Response, Vulnerability Response, Threat Intelligence, and Configuration Compliance. Lead integration of ServiceNow with key cybersecurity tools: SIEM, SOAR, EDR, CMDB, threat intelligence platforms, and OT/ICS systems. Collaborate across cybersecurity, IT, engineering, and energy operations to define secure workflows and automation for vulnerability and incident response. Shape More ❯

will work with enterprise clients, and internally, to perform threat-informed detection engineering and threat research, implement security data lakes, SIEM and data pipelines strategies and transform response with SOAR and AI-SOC tooling. You will have the opportunity to shape everything from our technical architecture and services to our company culture, while working on innovative detection engineering challenges. 5+ More ❯

and energy innovation. Key Responsibilities: Lead the architecture and design of ServiceNow SecOps modules (Security Incident Response, Vulnerability Response, Threat Intelligence, etc.). Integrate ServiceNow with cybersecurity tools (SIEM, SOAR, EDR, CMDB, OT/ICS). Work with cybersecurity, IT, and engineering teams to automate and improve response workflows. Define and deliver the SecOps roadmap and best practices for multiple More ❯

architecture role. Background working with or for a VAR, Systems Integrator, or Security Vendor highly desirable . Technical Expertise Strong understanding of enterprise security technologies, including firewalls, SIEM/SOAR, IAM, DLP, SASE, Zero Trust, and cloud security. Working knowledge of AWS, Azure, and GCP security services. Broad understanding of networking, virtualisation, and enterprise infrastructure. CISSP, CCSP, or equivalent security More ❯

and inclusion • Paid training and certification pathways with clear routes into consultancy or leadership What You’ll Be Doing • Designing, deploying and maintaining core SOC technologies including SIEM, EDR, SOAR, threat intelligence and logging infrastructure • Developing and refining detection use cases, correlation rules and analytics content • Building automation workflows and integrations through scripting or automation platforms • Collaborating with SOC analysts … security across Azure, AWS and M365 • Strong grasp of network, system and identity security fundamentals • Analytical mindset and passion for problem solving and continuous improvement Desirable Experience • Experience with SOAR platforms such as Microsoft Sentinel Automation, Cortex XSOAR or Splunk SOAR • Knowledge of MITRE ATT&CK mapping and detection engineering frameworks • Experience using Infrastructure as Code such as Terraform, Bicep More ❯

incident reviews and ensure lessons learned drive continuous improvement. Continuous Improvement and Innovation Stay informed on emerging threats and industry trends. Champion automation and innovation in security operations (e.g. SOAR, XDR). Drive security maturity assessments and roadmap development. Essential Experience Proven leadership in IT or cyber security at enterprise or local authority level. Strong understanding of security governance, risk More ❯

Proven expertise in Microsoft Sentinel and Office 365 E5 security products. • Strong understanding of Azure services, including Azure AD, Defender for Cloud, and Logic Apps. • Experience with SIEM/SOAR platforms, KQL, and automation workflows. • Familiarity with compliance frameworks: ISO 27001, NIST, PCI-DSS, GDPR. • Excellent communication and stakeholder engagement skills. • Certifications such as SC-100, AZ-500, MS More ❯

external security assessments and audits Update and maintain incident response plans, playbooks, and procedures Provide 3rd-line support to IT colleagues and the wider business Technical Skills: SIEM and SOAR platforms Log analytics, rule creation, tuning, and threat hunting Familiarity with security frameworks Azure and M365 security configuration and alert investigation Dashboards and visualisation tools Firewalls (CheckPoint, VMware NSX) Windows More ❯

external security assessments and audits * Update and maintain incident response plans, playbooks, and procedures * Provide 3rd-line support to IT colleagues and the wider business Technical Skills:* SIEM and SOAR platforms Log analytics, rule creation, tuning, and threat hunting * Familiarity with security frameworks * Azure and M365 security configuration and alert investigation * Dashboards and visualisation tools * Firewalls (CheckPoint, VMware NSX) * Windows More ❯

practices, application security tooling (SAST/SCA/DAST), cloud security (CSPM/CIEM/CNAPP), and infrastructure hardening. Incident Detection & Response : Strong skills in threat detection, SIEM/SOAR, incident response, and achieving low MTTD/MTTR; experience with purple teaming and tabletop exercises. Network Security : Understanding of routing security principles (BGP/RPKI), network segmentation and DDoS mitigation More ❯

Security Operations working within or alongside Security Operations Centre(s). Experience working in all hyperscaler environments, preferably holding Professional Cloud Architect or equivalent Certification. Experience with multiple SIEM & SOAR Tooling, preferably Google SecOps (formerly Chronicle/Simplify). Strong written, verbal and presentation skills. Excellent communication and interpersonal skills, with the ability to build strong relationships with clients and More ❯