51 to 75 of 79 SOAR Jobs in the UK

will be responsible for the delivery of SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell) and have experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools for data enrichment. … tools and platforms (e.g. Azure, AWS Google Cloud) and their integration into SOC operations. Experience using Microsoft Sentinel SIEM. Other vendor-specific certifications for SOAR platforms (e.g. Splunk SOAR, Palo Alto Cortex XSOAR). Experience contributing to large-scale, sprint-based, security automation and detection engineering projects. "Nice To Have More ❯

and hybrid environments to improve threat visibility. * Security Event Correlation & Automation: Develop advanced correlation rules, alerts, playbooks, and automation workflows using Sentinel, KQL, and SOAR integrations to enhance threat detection and response capabilities. * Cloud Threat Protection: Monitor, analyse, and strengthen security postures across cloud platforms, utilising Defender for Cloud and … and Microsoft Defender for Cloud. * Proficiency in SIEM architecture, security event correlation, log ingestion, and cloud security analytics. * Hands-on experience with security automation (SOAR), threat intelligence platforms, and log parsing techniques. * Strong understanding of MITRE ATT&CK framework, Zero Trust, and cloud security best practices. * Knowledge of Azure, AWS More ❯

objectives Skills and experience we are looking for in our Information Security Officer: Proficiency in security domains, tools and technologies such as DLP, SIEM, SOAR and Vulnerability Management Good working knowledge of network security, firewalls, threat management, endpoint detection and response Ability to identify, assess, and mitigate security risks and More ❯

objectives Skills and experience we are looking for in our Information Security Officer: Proficiency in security domains, tools and technologies such as DLP, SIEM, SOAR and Vulnerability Management Good working knowledge of network security, firewalls, threat management, endpoint detection and response Ability to identify, assess, and mitigate security risks and More ❯

of automation processes for security monitoring, alerting, and incident response. This includes developing and maintaining playbooks, workflows, and integrations with SOC tools (SIEM, EDR, SOAR). Incident Response & Threat Analysis: Coordinate and assist in the investigation of security incidents, focusing on both cloud and on-premises environments. Perform root cause … role, with a strong emphasis on automation, threat hunting, and cloud security (AWS, Azure). Technical Expertise: Strong understanding of SOC tools (SIEM, EDR, SOAR) and security automation frameworks. Proficiency in Python, SQL, and cloud infrastructure (AWS, Azure). Experience with cloud-native security services (e.g., WAF, IAM, Shield). More ❯

be responsible for the delivery of Microsoft SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell, KQL) and have experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools for data … party vendors and service providers to leverage automation opportunities and ensure successful integrations. Desirable Skills and Experience: Vendor-specific certifications for Security orchestration, automation, and response platforms Ability to develop and implement long-term automation strategies aligned with security operation objectives. Ability to translate technical concepts into clear, actionable insights More ❯

be responsible for the delivery of Microsoft SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell, KQL) and have experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools for data … party vendors and service providers to leverage automation opportunities and ensure successful integrations. Desirable Skills and Experience: Vendor-specific certifications for Security orchestration, automation, and response platforms Ability to develop and implement long-term automation strategies aligned with security operation objectives. Ability to translate technical concepts into clear, actionable insights More ❯

with bespoke security monitoring and detection methodologies (Detection Logic) Hands-on experience with Google SecOps Platform Engineering & Maintenance Experience with Google SecOps SIEM and SOAR capabilities Splunk SIEM platform experience is desirable Location This is a home-based role, with occasional travel to the local office as needed. About Us More ❯

presentations, preparing bids and tenders, creating content, and potentially contributing to blogs or videos-no two days will be the same. Experience in SIEM, SOAR, or Managed Security Services is essential. Additional hands-on experience with DDoS, WAF, IDAM, EDR, MDM , or Vulnerability Management is highly desirable. They are also More ❯

Refine and tune SIEM tools to reduce false positives and detect more sophisticated threats, ensuring optimal alert configurations. Automating Response Actions: Develop and improve SOAR playbooks to automate repetitive tasks and enhance the incident response process. Collaboration: Work closely with onshore teams to fine-tune alert volumes and contribute ideas … Defender, FireEye), IDS/IPS, firewalls, proxies, web application firewalls, and anti-virus technologies. Strong knowledge of Linux and Windows operating systems. Familiarity with SOAR technologies (e.g., IBM Resilient, Splunk Phantom, SIEMplify) and cloud platforms (e.g., AWS, Azure, O365). Experience investigating intrusions in Linux and cloud environments. Proficiency in More ❯

on expertise in any of the following vendors: Fortinet, Palo Alto, Cisco, Juniper, Zscaler, CrowdStrike... Experience in any of the following is advantageous: SIEM, SOAR, MSSP, DDoS, WAF, EDR, IDAM... Excellent communication skills and the ability to simplify complex concepts for a range of stakeholders A proactive, can-do attitude More ❯

in consultative selling of complex technical services. Recognized external expertise in areas such as: Vulnerability management Cyber tolerant backup DORA compliance NIST frameworks Modern SOAR SOC services Risk-based vulnerability remediation Digital operational resiliency Preferred Skills and Experience Bachelor’s or Master’s degree in a relevant field. Minimum of More ❯

and tender proposals. Managing and updating sales-related Bill of Materials. Key Requirements: A technical background in Cyber-Security and Networking. Knowledge of SIEM, SOAR, or Managed Security Services is advantageous, particularly in areas like DDoS protection, WAF, IDAM, EDR, MDM, or Vulnerability Management. Multi-vendor knowledge, e.g. Fortinet, Palo More ❯

and document, spreadsheet, and presentation software. Experience with detection tuning and creation leveraging various security tools including SIEM, EDR, or NDR tools. Experience with Security Orchestration and Automated Response (SOAR) platforms. Preferred qualifications: Experience with Search Processing Language (SPL), Kusto Query Language (KQL), YARA-L or similar SIEM query languages. … Security Operations Center (SOC) to maintain effective incident detection and response capabilities. You will be developing and supporting automation playbooks within a client's Security Orchestration and Automated Response (SOAR) platform. You will work as a member of a technical team in a rapidly changing environment, administer a variety of … fidelity through metrics creation, tracking, responding to tuning requests, implementing incident-specific detection logic, etc. Support development of automations and orchestration playbooks in client SOAR platforms. Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the More ❯

Technical Account Management Oversee security tool deployments and client onboarding, ensuring seamless integration into SOC services Collaborate with internal teams to enhance automation and SOAR workflows Work closely with clients to define security objectives and implement tailored security solutions Serve as the key technical contact for major SOC clients, maintaining … years of experience in a SOC environment, with at least 1 year in a leadership role Strong technical knowledge of security tools, including SIEM, SOAR, EDR, Firewalls, and Threat Intelligence platforms Hands-on experience with security incident handling, threat hunting, and forensic analysis Excellent understanding of attack tactics, techniques, and More ❯

OT monitoring solutions. Build OT-specific detection and response capabilities, including custom playbooks. Technology Implementation Oversee global deployment of SIEM (e.g., Splunk, Graylog, Wazuh), SOAR, EDR, and Threat Intel platforms. Vendor & Team Management Act as the primary contact for the outsourced SOC provider; manage SLAs and vendor performance. Build and … NIST, ISO, GDPR). Stay ahead of evolving cyber threats and trends. Ideal Candidate Strong Linux and open-source experience. Technical expertise with SIEM, SOAR, EDR, and OT protocols Familiar with SCADA/ICS environments and MITRE ATT&CK framework. Skilled in incident response, threat hunting, SLA management, and executive More ❯

OT monitoring solutions. Build OT-specific detection and response capabilities, including custom playbooks. Technology Implementation Oversee global deployment of SIEM (e.g., Splunk, Graylog, Wazuh), SOAR, EDR, and Threat Intel platforms. Vendor & Team Management Act as the primary contact for the outsourced SOC provider; manage SLAs and vendor performance. Build and … NIST, ISO, GDPR). Stay ahead of evolving cyber threats and trends. Ideal Candidate Strong Linux and open-source experience. Technical expertise with SIEM, SOAR, EDR, and OT protocols Familiar with SCADA/ICS environments and MITRE ATT&CK framework. Skilled in incident response, threat hunting, SLA management, and executive More ❯

threat intelligence Strong technical foundation and understanding of security concepts, solutions and technologies; experience with enterprise security services such as EDR, SIEM technologies, and SOAR platforms is essential Familiarity with frameworks such as MITRE ATT&CK and how to utilise them in the assessment of detection capabilities and coverage Skilled … have a strong technical foundation and understanding of security concepts, solutions and technologies; experience with enterprise security services such as EDR, SIEM technologies, and SOAR platforms? Select Please note that this is essential for success in this role. Do you have at least 5+ years of hands-on, in-depth More ❯

GSOC) helps defend KPMG and its clients from cyber-attacks, through timely detection, investigation and remediation of potential threats. What will you be doing? SOAR Playbook Development, Programming new API Integrations, developing new automation tasks and maintenance. Responsible for installation, management, maintenance, and support of GSOC tools hosted on multiple … Amazing Extras: Preferred experience in a Security Operations environment Preferred experience with recognized SIEM solutions, preferably Azure Sentinel Preferred experience with developing and configuring SOAR tools such as XSOAR or Azure Logic Apps with Azure Functions Preferred experience with Query Languages, preferably KQL Preferred a good working knowledge of Microsoft More ❯

the integration and utilization of these key security tools. Responsibilities include designing and optimizing SIEM rules for superior threat detection and incident management, deploying SOAR tools for automated security responses, and ensuring robust API security. The engineer will oversee the performance and security posture of our platforms, customize client reports … XDR products Strong background in SIEM rule design and optimization Extensive experience in implementing and overseeing Endpoint Detection and Response (EDR) solutions Experience with SOAR tools and automated security response implementations Familiarity with API security protocols and measures Ability to analyze large amounts of data from various sources to solve More ❯

in creation and maintenance of security processes, playbooks, and documentation to standardise SOC operations. Design and implement automation workflows and integrations using Logic Apps, SOAR platforms, and scripting to enhance SOC efficiency. Assist in the monitoring and investigation of security alerts when required, supporting the SOC team. Contribute to the … security monitoring. Experience in developing KQL queries, custom detection rules. Familiarity with automation and integration tools such as Logic Apps, Power Automate, or other SOAR platforms. Knowledge of cloud security, particularly Azure, AWS, and Google Cloud. Excellent documentation skills and process-building capabilities. Great communication skills and ability to work More ❯

SOC EDR-Centric Response – Work extensively with EDR tools (primary alert source) to detect and analyse modern threats Fine-Tuning & Reporting – Tune SIEM and SOAR systems for accuracy, and deliver clear, actionable incident reports Technical Threat Intelligence – Stay ahead of emerging attack vectors, especially those identified via EDR; apply this … and supporting security tools Strong technical knowledge of TCP/IP, OSI model, Windows/Linux , and cloud environments (Azure, AWS, O365) Familiarity with SOAR and scripting for automation (Kusto, SQL, Regex) Excellent communication skills and a proactive, composed approach under pressure Join a team that’s reshaping cyber defence More ❯

SOC EDR-Centric Response – Work extensively with EDR tools (primary alert source) to detect and analyse modern threats Fine-Tuning & Reporting – Tune SIEM and SOAR systems for accuracy, and deliver clear, actionable incident reports Technical Threat Intelligence – Stay ahead of emerging attack vectors, especially those identified via EDR; apply this … and supporting security tools Strong technical knowledge of TCP/IP, OSI model, Windows/Linux , and cloud environments (Azure, AWS, O365) Familiarity with SOAR and scripting for automation (Kusto, SQL, Regex) Excellent communication skills and a proactive, composed approach under pressure Join a team that’s reshaping cyber defence More ❯

SOC EDR-Centric Response – Work extensively with EDR tools (primary alert source) to detect and analyse modern threats Fine-Tuning & Reporting – Tune SIEM and SOAR systems for accuracy, and deliver clear, actionable incident reports Technical Threat Intelligence – Stay ahead of emerging attack vectors, especially those identified via EDR; apply this … and supporting security tools Strong technical knowledge of TCP/IP, OSI model, Windows/Linux , and cloud environments (Azure, AWS, O365) Familiarity with SOAR and scripting for automation (Kusto, SQL, Regex) Excellent communication skills and a proactive, composed approach under pressure Join a team that’s reshaping cyber defence More ❯

SOC EDR-Centric Response – Work extensively with EDR tools (primary alert source) to detect and analyse modern threats Fine-Tuning & Reporting – Tune SIEM and SOAR systems for accuracy, and deliver clear, actionable incident reports Technical Threat Intelligence – Stay ahead of emerging attack vectors, especially those identified via EDR; apply this … and supporting security tools Strong technical knowledge of TCP/IP, OSI model, Windows/Linux , and cloud environments (Azure, AWS, O365) Familiarity with SOAR and scripting for automation (Kusto, SQL, Regex) Excellent communication skills and a proactive, composed approach under pressure Join a team that’s reshaping cyber defence More ❯