51 to 75 of 111 SOAR Jobs in the UK

Up to £78,500 (DOE) + Bonus Working arrangement: Hybrid Office Location: Portsmouth As a Senior Security Engineer, you will: Design, deploy, and maintain core SOC technologies (SIEM, EDR, SOAR, threat intelligence, and logging infrastructure). Develop and optimise detection use cases, correlation rules, and analytics content. Build and maintain automation workflows and integrations using automation platforms or custom scripting. … and cloud security (Azure, AWS, or M365). Solid understanding of network, system, and identity security fundamentals. Excellent problem-solving skills and a passion for continuous improvement. Experience with SOAR platforms (e.g., Microsoft Sentinel Automation, Cortex XSOAR, Splunk SOAR). Knowledge of MITRE ATT&CK mapping and detection engineering frameworks. Infrastructure-as-Code experience (Terraform, Bicep, or ARM templates). More ❯

strongly preferred). Expertise in IAM technologies (SailPoint, Okta, Azure AD, CyberArk, Ping Identity), DLP platforms (Symantec, Microsoft Purview, Forcepoint, Digital Guardian), and security engineering tools (EDR, CSPM, SIEM, SOAR, vulnerability management). Strong knowledge of Zero Trust, data protection regulations (GDPR, FCA, PRA), cloud-native security, and DevSecOps practices. Exceptional leadership, communication, and stakeholder engagement skills, with the ability More ❯

experience leading and managing technical teams. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO/IEC 27001, IAM). Proficiency with cybersecurity tools and platforms (e.g., SIEM, SOAR, SAS, Sandboxes, EDR solutions and cloud technologies). Working of knowledge of access control principles, cloud technologies (CNAPP, CSPM), data retention, and encryption methodologies. Excellent problem-solving, investigative mindset, and More ❯

operations, insider threat programs, or related investigative/analytical roles (SOC, threat detection, or risk analysis). Hands-on experience with tools such as SIEM, DLP, UEBA, EDR, or SOAR . Strong understanding of data protection, behavioral analysis, and incident response principles. Experience managing sensitive investigations with HR, Legal, or Compliance teams. Knowledge of privacy and regulatory frameworks (GDPR, HIPAA More ❯

cybersecurity threats and trends. Familiarity with NCSC CAF, ONR SyAPs, and ISO27001 frameworks. Nice to have: Experience in complex, regulated environments, especially Critical National Infrastructure (CNI). Awareness of SOAR platforms and automation in incident response. Immediate availability If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call More ❯

cybersecurity threats and trends. Familiarity with NCSC CAF, ONR SyAPs, and ISO27001 frameworks. Nice to have: Experience in complex, regulated environments, especially Critical National Infrastructure (CNI). Awareness of SOAR platforms and automation in incident response. Immediate availability If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call More ❯

currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting … and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background … SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting … and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background … SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting … and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background … SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting … and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background … SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting … and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background … SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting … and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background … SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

Active eDV REQUIRED Key Responsibilities Lead the design, configuration, and delivery of SIEM, SOAR, and XDR platforms (e.g., Microsoft Sentinel, IBM QRadar, CrowdStrike Falcon). Architect and deploy cloud security solutions across Azure and AWS environments. Manage and optimise vulnerability management tools (e.g., Tenable.SC, Rapid7, Qualys). Support the development and operation of Cyber Security Operations Centres (CSOCs) . Conduct … functional teams to resolve security issues. Essential Skills & Experience Proven experience (10+ years) in Cyber Security Engineering, Architecture, or Operations . Strong background in Microsoft Security Stack (Sentinel, Defender, SOAR). Hands-on experience with CrowdStrike XDR , Tenable , Rapid7 , Qualys , and ForcePoint . Deep understanding of Cisco, Check Point, and Juniper network security. Expertise in cloud security (Azure & AWS) . More ❯

Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would … security alerts and incidents in Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU More ❯

Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would … security alerts and incidents in Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU More ❯

Active eDV REQUIRED Key Responsibilities Lead the design, configuration, and delivery of SIEM, SOAR, and XDR platforms (e.g., Microsoft Sentinel, IBM QRadar, CrowdStrike Falcon). Architect and deploy cloud security solutions across Azure and AWS environments. Manage and optimise vulnerability management tools (e.g., Tenable.SC, Rapid7, Qualys). Support the development and operation of Cyber Security Operations Centres (CSOCs) . Conduct … functional teams to resolve security issues. Essential Skills & Experience Proven experience (10+ years) in Cyber Security Engineering, Architecture, or Operations . Strong background in Microsoft Security Stack (Sentinel, Defender, SOAR). Hands-on experience with CrowdStrike XDR , Tenable , Rapid7 , Qualys , and ForcePoint . Deep understanding of Cisco, Check Point, and Juniper network security. Expertise in cloud security (Azure & AWS) . More ❯

Active eDV REQUIRED Key Responsibilities Lead the design, configuration, and delivery of SIEM, SOAR, and XDR platforms (e.g., Microsoft Sentinel, IBM QRadar, CrowdStrike Falcon). Architect and deploy cloud security solutions across Azure and AWS environments. Manage and optimise vulnerability management tools (e.g., Tenable.SC, Rapid7, Qualys). Support the development and operation of Cyber Security Operations Centres (CSOCs) . Conduct … functional teams to resolve security issues. Essential Skills & Experience Proven experience (10+ years) in Cyber Security Engineering, Architecture, or Operations . Strong background in Microsoft Security Stack (Sentinel, Defender, SOAR). Hands-on experience with CrowdStrike XDR , Tenable , Rapid7 , Qualys , and ForcePoint . Deep understanding of Cisco, Check Point, and Juniper network security. Expertise in cloud security (Azure & AWS) . More ❯

Active eDV REQUIRED Key Responsibilities Lead the design, configuration, and delivery of SIEM, SOAR, and XDR platforms (e.g., Microsoft Sentinel, IBM QRadar, CrowdStrike Falcon). Architect and deploy cloud security solutions across Azure and AWS environments. Manage and optimise vulnerability management tools (e.g., Tenable.SC, Rapid7, Qualys). Support the development and operation of Cyber Security Operations Centres (CSOCs) . Conduct … functional teams to resolve security issues. Essential Skills & Experience Proven experience (10+ years) in Cyber Security Engineering, Architecture, or Operations . Strong background in Microsoft Security Stack (Sentinel, Defender, SOAR). Hands-on experience with CrowdStrike XDR , Tenable , Rapid7 , Qualys , and ForcePoint . Deep understanding of Cisco, Check Point, and Juniper network security. Expertise in cloud security (Azure & AWS) . More ❯

multinational organisations in designing and implementing an organisation’s security operations program, organisational structures, and capabilities Possess a deep technical knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response/Next Gen Protection and Response (EDR/XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired More ❯

multinational organisations in designing and implementing an organisation’s security operations program, organisational structures, and capabilities Possess a deep technical knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response/Next Gen Protection and Response (EDR/XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired More ❯

multinational organisations in designing and implementing an organisation’s security operations program, organisational structures, and capabilities Possess a deep technical knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response/Next Gen Protection and Response (EDR/XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired More ❯

and custom detections Familiarity with adversary TTPs and the MITRE ATT&CK framework Experience with endpoint forensics, malware analysis, and security event correlation Hands-on experience with SIEM and SOAR platforms Solid understanding of operating system internals (macOS, Windows, Linux) Experience with security in a SaaS environment and working closely with engineering teams Background in using DevOps toolsets and programming More ❯

with zero-trust security models and endpoint detection and response (EDR). Certifications such as CISSP, CISM, Microsoft Security certifications, or equivalent. Experience integrating device telemetry into SIEM and SOAR platforms. Who You'll Work With Work Environment & Additional Information: Hybrid or on-site work model. Occasional travel for global alignment or vendor engagements. Ability to operate in a fast More ❯

resilient, resourceful, and relentless in your pursuit of product excellence. As a bonus, you understand and have built integrations for popular cybersecurity partner solutions, such as Splunk Enterprise, Splunk SOAR, Palo Alto Networks Cortex XSOAR, Microsoft Sentinel, Google SecOps, and/or others. About Dataminr At Dataminr, we are a mission driven team of talented builders, creators and visionaries who More ❯

through both predictive and reactive analysis, articulating emerging trends to leadership and staff. Use data collected from Cyber Defence tools firewalls, IDS, network traffic, UEBA (User Entity Behaviour Analysis), Security Orchestration and Automated Response (SOAR) etc. to analyse events that occur within the environments. Respond to and correlate alerts from various detective and preventative Cyber Security tools such as Security More ❯