25 of 25 Remote SOAR Jobs in the UK excluding London

NIS2, CAF, ISO 27001). Skills & Experience Required Extensive background in SOC operations, incident response, and threat hunting. Expertise with the Microsoft security stack, including: Microsoft Sentinel (SIEM/SOAR) Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365 Microsoft Entra ID (Azure AD) Microsoft Purview (compliance and data protection) Strong knowledge of attacker tactics and techniques (MITRE ATT More ❯

NIS2, CAF, ISO 27001). Skills & Experience Required Extensive background in SOC operations, incident response, and threat hunting. Expertise with the Microsoft security stack, including: Microsoft Sentinel (SIEM/SOAR) Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365 Microsoft Entra ID (Azure AD) Microsoft Purview (compliance and data protection) Strong knowledge of attacker tactics and techniques (MITRE ATT More ❯

In 2022 we built out an exciting SIEM/SOAR and ManagedDetection and Response service called SEP2.security, built upon Google CloudSecurity's Chronicle stack. Due to customer demand, we are now looking to hire aPrincipal Cyber Security Engineer to join this every growing team. The Security Intelligence Services team, that this role issituated in, provides security monitoring and use case … customer facing situations. Qualifications and Experience Experienceas a Cyber SOC Analyst/or similar role. Provenexperience in deploying SIEM (Security Information and Event Management)and SOAR (Security orchestration, automation, and response) solutions toachieve positive outcomes. Our tools include Google ChronicleSIEM/Siemplify SOAR and LogRhythm, but experience with other platformssuch as Microsoft Sentinel, Splunk, Qradar, or Humio/Logscale is More ❯

cyber incident response Strong background in forensic analysis across Windows, MacOS, and Unix systems Experience in large-scale corporate environments, ideally with Microsoft Azure Proficiency in tools like EDR, SOAR, SIEM, and scripting languages (Python, PowerShell) Calm, analytical mindset with the ability to lead technical investigations under pressure Bonus: Experience with static and dynamic file/malware triage Why Tesco More ❯

cyber incident response Strong background in forensic analysis across Windows, MacOS, and Unix systems Experience in large-scale corporate environments, ideally with Microsoft Azure Proficiency in tools like EDR, SOAR, SIEM, and scripting languages (Python, PowerShell) Calm, analytical mindset with the ability to lead technical investigations under pressure Bonus: Experience with static and dynamic file/malware triage Why Tesco More ❯

cyber incident response Strong background in forensic analysis across Windows, MacOS, and Unix systems Experience in large-scale corporate environments, ideally with Microsoft Azure Proficiency in tools like EDR, SOAR, SIEM, and scripting languages (Python, PowerShell) Calm, analytical mindset with the ability to lead technical investigations under pressure Bonus: Experience with static and dynamic file/malware triage Why Tesco More ❯

and inclusion • Paid training and certification pathways with clear routes into consultancy or leadership What You’ll Be Doing • Designing, deploying and maintaining core SOC technologies including SIEM, EDR, SOAR, threat intelligence and logging infrastructure • Developing and refining detection use cases, correlation rules and analytics content • Building automation workflows and integrations through scripting or automation platforms • Collaborating with SOC analysts … security across Azure, AWS and M365 • Strong grasp of network, system and identity security fundamentals • Analytical mindset and passion for problem solving and continuous improvement Desirable Experience • Experience with SOAR platforms such as Microsoft Sentinel Automation, Cortex XSOAR or Splunk SOAR • Knowledge of MITRE ATT&CK mapping and detection engineering frameworks • Experience using Infrastructure as Code such as Terraform, Bicep More ❯

and inclusion • Paid training and certification pathways with clear routes into consultancy or leadership What You’ll Be Doing • Designing, deploying and maintaining core SOC technologies including SIEM, EDR, SOAR, threat intelligence and logging infrastructure • Developing and refining detection use cases, correlation rules and analytics content • Building automation workflows and integrations through scripting or automation platforms • Collaborating with SOC analysts … security across Azure, AWS and M365 • Strong grasp of network, system and identity security fundamentals • Analytical mindset and passion for problem solving and continuous improvement Desirable Experience • Experience with SOAR platforms such as Microsoft Sentinel Automation, Cortex XSOAR or Splunk SOAR • Knowledge of MITRE ATT&CK mapping and detection engineering frameworks • Experience using Infrastructure as Code such as Terraform, Bicep More ❯

level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge More ❯

level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge More ❯

level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge More ❯

level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge More ❯

through both predictive and reactive analysis, articulating emerging trends to leadership and staff. Use data collected from Cyber Defence tools firewalls, IDS, network traffic, UEBA (User Entity Behaviour Analysis), Security Orchestration and Automated Response (SOAR) etc. to analyse events that occur within the environments. Respond to and correlate alerts from various detective and preventative Cyber Security tools such as Security More ❯

who enjoys building, optimising, and automating SOC infrastructure. This role sits within a growing Cyber Defence operation where you’ll help design and maintain the platforms behind SIEM, EDR, SOAR, and threat intelligence tooling, improving detection coverage and enabling analysts to respond faster. Key responsibilities: Engineer and maintain SIEM, EDR, SOAR, and logging platforms. Develop automation and integrations using scripting … platforms such as Sentinel, Splunk, Defender, or Elastic. Scripting/automation ability (PowerShell, KQL, Python, etc.). Understanding of Azure/AWS cloud and network fundamentals. Desirable: Experience with SOAR tools or Infrastructure-as-Code (Terraform, Bicep, ARM). Knowledge of MITRE ATT&CK mapping or threat detection frameworks. What’s in it for you: Flexible hybrid working, paid certifications More ❯

for one or more of the following vendors: Fortinet, Palo Alto, Juniper, Cisco, Netskope, Zscaler, CrowdStrike. We would also love to receive applications from people with skills solutioning SIEM, SOAR, or Managed Security Services (experience in DDoS, WAF, IDAM, EDR, MDM or Vulnerability Management is a plus). We are also interested to hear from candidates with operational expertise in More ❯

Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR platform, creating automated workflows and improving response efficiency. Perform digital forensics investigations, analysing logs, network data, and system artefacts to determine root causes. Participate in cyber crisis simulation exercises and … related discipline, or equivalent professional experience. Industry-recognised certifications such as CISSP, GIAC/GCIA/GCIH, AZ-500, CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS/IPS, NAC, DLP, and related security technologies. Familiarity with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO/IEC 27001/27002. Hands-on experience More ❯

Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR platform, creating automated workflows and improving response efficiency. Perform digital forensics investigations, analysing logs, network data, and system artefacts to determine root causes. Participate in cyber crisis simulation exercises and … related discipline, or equivalent professional experience. Industry-recognised certifications such as CISSP, GIAC/GCIA/GCIH, AZ-500, CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS/IPS, NAC, DLP, and related security technologies. Familiarity with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO/IEC 27001/27002. Hands-on experience More ❯

and efficiency of our Security Operations Centre (SOC). This role is perfect for someone who thrives on solving complex technical challenges, enjoys working with tools like Splunk and SOAR, and wants to contribute to a mission that truly matters. Salary : Circa £50,000 – £60,000 depending on experience Dynamic (hybrid) working :2 days per week on-site due to … threat landscape. Key responsibilities include; Act as the subject matter expert (SME) for Splunk across all cyber security and observability use cases. Lead SOC automation initiatives using scripting and SOAR tools, optimising processes through AI and ML technologies. Support alert tuning, connectivity, and visibility across monitored networks and infrastructure. Maintain and document SOC integrations, ensuring accurate configuration and performance visibility. More ❯

and efficiency of our Security Operations Centre (SOC). This role is perfect for someone who thrives on solving complex technical challenges, enjoys working with tools like Splunk and SOAR, and wants to contribute to a mission that truly matters. Salary : Circa £50,000 - £60,000 depending on experience Dynamic (hybrid) working : 2 days per week on-site due to … threat landscape. Key responsibilities include; Act as the subject matter expert (SME) for Splunk across all cyber security and observability use cases. Lead SOC automation initiatives using scripting and SOAR tools, optimising processes through AI and ML technologies. Support alert tuning, connectivity, and visibility across monitored networks and infrastructure. Maintain and document SOC integrations, ensuring accurate configuration and performance visibility. More ❯

across the entire IT estate. Familiarity with endpoint protection platforms and vulnerability management tools. Experience securing hybrid identity solutions and federated authentication models Understanding of security automation concepts, including security orchestration and response (SOAR) including ability to script or automate repetitive tasks. Experience producing security artefacts and configuration documentation, including risk assessments, security design records, hardening standards, control implementation guides More ❯

UK (Hybrid - 3 days/week) Type of employment - Contract (Initially 6 months) Job Description: Role: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure … OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics. More ❯

UK (Hybrid - 3 days/week) Type of employment - Contract (Initially 6 months) Job Description: Role: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure … OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics. More ❯

UK (Hybrid - 3 days/week) Type of employment - Contract (Initially 6 months) Job Description: Role: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure … OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics. More ❯

We are looking to recruit an experienced Microsoft Cyber Security Analyst who has a wealth of practical experience Sentinel, Defender and SOAR Automation with a good understanding of applying Cyber Security tools in a Microsoft based Cloud infrastructure. On this contract you will be a key member of the team responsible for securing our clients digital infrastructure. As the Microsoft … Cyber Security Analyst you will responsible for the implementation, configuration and optimisation of Microsoft Sentinel, Microsoft Defender and SOAR Playbook automation and deployment. You will also need to be proficient in the use of KQL. In this role you will be the Microsoft Cyber Security SME and will be key to creating a secure Azure based Cloud infrastructure. You will More ❯

are looking to recruit an experienced Microsoft Cloud Infrastructure Engineer who has ideally gained experience in the deployment and support of Cyber Security tools such as Sentinel, Defender and SOAR Automation. What you must have is a wealth of experience deploying, managing and supporting a Cloud based Microsoft infrastructure including Azure, Active Directory and Exchange. On this contract you will … the Cyber Security team to deploy and manage the Azure based Cloud Infrastructure and Cyber security estate including the implementation, configuration and optimisation of Microsoft Sentinel, Microsoft Defender and SOAR Playbook automation and deployment. Experience of KQL will be an advantage. In this role you will be part of the Microsoft Infrastructure and Cyber Security team and will be key More ❯