23 of 23 SOAR Jobs in the UK excluding London

Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. Infrastructure Hardening: Enforce secure baselines across virtualized environments (VMware/ ...

Entra ID and Active Directory, overseeing requirements for Conditional Access, MFA, SSO, and PIM. Threat Detection & Incident Response: Own and operate the SIEM/SOAR stack, including Microsoft Sentinel and Defender XDR, to develop detection rules and support forensic investigations. Infrastructure Hardening: Enforce secure baselines across virtualized environments (VMware/ ...

highly desirable. Experience with security automation and orchestration, including the use of scripting languages (such as PowerShell or Python) and SOAR platforms to streamline incident response, automate repetitive tasks, and enhance overall security operations. Strong knowledge of security technologies (e.g., firewalls, IDS/IPS, EDR, SIEM) Technical bachelor’s degree ...

identify trends, and deliver actionable security insights. Strong track record in threat detection, incident management, and escalation handling. Hands-on experience managing SIEM and SOAR platforms such as Splunk, Microsoft Sentinel, or Elastic. Skilled in coaching analysts, building high-performing teams, and managing effective shift models. Confident communicator with ...

Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies ...

guidance What We’re Looking For Strong experience in cyber security operations, engineering, or incident response Hands-on expertise with Defender, Sentinel (SIEM/SOAR), Tenable, CASB, and cloud security (AWS/Azure) Experience delivering security improvements and technical control implementation PowerShell or automation scripting skills Solid understanding of frameworks ...

understanding of cloud security (IaaS, PaaS, SaaS, CASB, Zero Trust, micro-segmentation) Broad knowledge of security technologies (firewalls, IDS/IPS, endpoint protection, SIEM, SOAR, DLP, PKI, cryptography) Solid understanding of IAM concepts (RBAC, ABAC, PAM, SSO) Strong analytical skills with the ability to interpret complex technical information Good understanding ...

firewall management and security principles. Experience with security monitoring tools such as PRTG, Nagios and backup solutions like Veeam is beneficial, as with SIEM & SOAR technologies such as Elastic, Splunk, Phantom Virtualisation & Automation : Knowledge of virtualisation technologies like VMWare, Hyper-V, and Proxmox, along with experience in PowerShell, Python, Ansible ...

need from you? Deep expertise in securing cloud platforms (AWS, Azure, GCP) with a focus on financial services Proven experience with tools like SIEM, SOAR, IDS/IPS, and cloud-native security solutions Strong understanding of encryption protocols, key management systems, and IAM best practices Hands-on experience with container ...

related services. Integrate security into DevOps pipelines, CI/CD, infrastructure-as-code, and container workflows. Automate threat detection and response using Microsoft Sentinel SOAR, custom playbooks, and telemetry pipelines. Platform Security Oversight Own and optimise endpoint security through Intune, ensuring device compliance and integration with Zero Trust. Harden ...

Microsoft Sentinel, including log onboarding, connectors, parsers, and data normalisation Monitoring and optimising Sentinel and Defender licensing and ingestion costs Designing automated response and SOAR workflows using Sentinel playbooks Leading complex incident investigations and advanced threat response Proactive threat hunting using KQL and developing custom detections aligned to MITRE ...

and Python). Experience with PAM concepts, access control models, and security frameworks (e.g., NIST, ISO 27001, CIS). Experience integrating PAM with SIEM, SOAR, and DevOps pipelines. Architectural and solution design skills, enterprise-scale PAM deployments. Cloud certifications, such as AWS Certified Security, Azure Security Engineer or Google Cloud ...

Manage the full content lifecycle: design test deploy monitor tune retire, with version control and rollback. Automate workflows and configurations using CI/CD, SOAR, scripting and IaC tools (Terraform, Ansible). Ensure platform performance, stability and reliability, including capacity planning, high availability, disaster recovery and proactive monitoring. What ...

Tech Environment You’ll work across modern security tooling including: SIEM (Rapid7), XDR (SentinelOne), Fortinet firewalling, vulnerability management, PAM (Delinea), ZTNA/SSE (Netskope), SOAR, automation (Terraform/Ansible) and cloud security platforms. What we’re looking for Strong consultancy background with excellent client‐facing skills. Experience leading cyber security ...

identity and access, network, system, data, application, cloud - and multiple product types. Proficiency in data analysis and scripting languages (e.g., PowerShell, Python). Strong Security Orchestration, Automation and Response (SOAR) knowledge. Experienced in Kusto Query Language (KQL) Team leadership experience with great collaboration and stakeholder management skills Candidates must have ...

genuinely interested in how security integrates with manufacturing, warehouse operations, and wider business processes. Key focus areas: Lead senior‐level Incident Response (SIEM/SOAR) Act as escalation point for complex or high‐severity incidents Shape OT‐aligned security controls, detections, and response playbooks Collaborate closely with warehouse, manufacturing, and ...

internal IT, security, infrastructure and OT stakeholders Manage third-party vendors, MSSPs and tooling partners Support selection and implementation of SOC tooling (e.g. SIEM, SOAR, detection and response platforms) Ensure clear operating models, processes and handovers into BAU Track progress, manage issues, and report clearly to senior stakeholders Support ...

tuning MITRE ATT&CK-aligned detections with low noise Owning the SIEM content lifecycle end to end Automating SIEM workflows using CI/CD, SOAR and IaC Ensuring platform resilience, performance and scalability If your SIEM journey includes the following this could be the role for you: Strong hands ...

Dublin, Ireland. Learn more at experianplc.com. Internal Grade D/EB8 Job Description Experian's Global Security Operations (GSO) team is seeking a Lead SOAR Engineer to drive the evolution of our security automation strategy and guide junior level engineers. As a leader within the Threat Detection Engineering team … will architect and oversee the development of intelligent SOAR solutions, integrating GenAI and Agentic Frameworks to enable adaptive, context-aware automation. You'll lead Agile CI/CD initiatives, mentor engineers, and collaborate to deliver scalable, secure automation capabilities that enhance Experian's global security posture. Important Responsibilities Lead ...

and improving detection across SIEM and EDR platforms. Proactive threat hunting across cloud infrastructure, applications, and CI/CD environments. Building and maintaining automation and response playbooks using SOAR tooling. Working closely with DevOps, infrastructure and engineering teams to improve security posture and response capability. Reducing alert fatigue, improving logging ...

with enterprise architecture standards, secure by design principles, and regulatory requirements. - development of data ingestion, telemetry, and integration patterns between Darktrace, Defender, SIEM/SOAR tools, and existing security stacks. - production of architecture decision records, design patterns, and technical documentation for long-term maintainability. - Leading technical delivery workstreams, providing direction … across both platforms. - Coordinate testing, validation, and acceptance of detection capabilities, including simulation of realistic attack techniques. - Integrate Darktrace and Defender outputs into SIEM, SOAR, and ticketing systems. - Work with SOC and automation teams to design playbooks, response workflows, and escalation paths. - Ensure centralised logging, enrichment, and context tagging ...

Responsibilities: Manage and maintain on-premises infrastructure technologies, specifically acting as a Subject Matter Expert (SME). Responsible for Firewall administration, SIEM and SOAR platforms, and Vulnerability management. Oversee and enhance security measures within the Microsoft 365 stack. Collaborate with team members on complex projects while independently owning specific technical … domains. Perform network troubleshooting and respond effectively under pressure in a fast-paced environment. Key Skills: Check Point, Palo Alto, Splunk SOAR, LogRhythm, Tenable, Cisco, Microsoft 365, PowerShell, Firewalls, SIEM, SOAR, Vulnerability Management, Network Security, NSD. How to apply: Please either apply through this advert or emailing me directly ...

Role: SOC -Security Platform Engineer Location: London Salary: Competitive salary and package dependent on experience Career Level: Specialist Please Note: Any offer of employment is subject to satisfactory BPSS and the candidate being granted a ...