26 to 50 of 80 SOAR Jobs in the UK excluding London

Splunk —and able to go beyond dashboards to build detections, correlations, and meaningful insights. Experience centralising log sources and onboarding new tools and data feeds into a SIEM/SOAR platform. Strong understanding of threat hunting methodologies, vulnerability management, and incident response. Knowledge of frameworks: ISO27001, NIST CSF, SOC2, Cyber Essentials Plus. Comfortable adapting to unfamiliar tooling and integrating new More ❯

threats, malware, and security analytics Experience (5+ years) in cyber security roles preferred Desirable certifications: CISSP, CISM, CCSP, CRISC (or equivalent) Experience across areas such as AD, PKI, SIEM, SOAR, cryptography, or virtualization (VMware) Eligibility for SC Clearance is mandatory. Eligibility to work in the UK is essential. Robert Walters Operations Limited is an employment business and employment agency and More ❯

and inclusion • Paid training and certification pathways with clear routes into consultancy or leadership What You’ll Be Doing • Designing, deploying and maintaining core SOC technologies including SIEM, EDR, SOAR, threat intelligence and logging infrastructure • Developing and refining detection use cases, correlation rules and analytics content • Building automation workflows and integrations through scripting or automation platforms • Collaborating with SOC analysts … security across Azure, AWS and M365 • Strong grasp of network, system and identity security fundamentals • Analytical mindset and passion for problem solving and continuous improvement Desirable Experience • Experience with SOAR platforms such as Microsoft Sentinel Automation, Cortex XSOAR or Splunk SOAR • Knowledge of MITRE ATT&CK mapping and detection engineering frameworks • Experience using Infrastructure as Code such as Terraform, Bicep More ❯

and inclusion • Paid training and certification pathways with clear routes into consultancy or leadership What You’ll Be Doing • Designing, deploying and maintaining core SOC technologies including SIEM, EDR, SOAR, threat intelligence and logging infrastructure • Developing and refining detection use cases, correlation rules and analytics content • Building automation workflows and integrations through scripting or automation platforms • Collaborating with SOC analysts … security across Azure, AWS and M365 • Strong grasp of network, system and identity security fundamentals • Analytical mindset and passion for problem solving and continuous improvement Desirable Experience • Experience with SOAR platforms such as Microsoft Sentinel Automation, Cortex XSOAR or Splunk SOAR • Knowledge of MITRE ATT&CK mapping and detection engineering frameworks • Experience using Infrastructure as Code such as Terraform, Bicep More ❯

incident reviews and ensure lessons learned drive continuous improvement. Continuous Improvement and Innovation Stay informed on emerging threats and industry trends. Champion automation and innovation in security operations (e.g. SOAR, XDR). Drive security maturity assessments and roadmap development. Essential Experience Proven leadership in IT or cyber security at enterprise or local authority level. Strong understanding of security governance, risk More ❯

external security assessments and audits Update and maintain incident response plans, playbooks, and procedures Provide 3rd-line support to IT colleagues and the wider business Technical Skills: SIEM and SOAR platforms Log analytics, rule creation, tuning, and threat hunting Familiarity with security frameworks Azure and M365 security configuration and alert investigation Dashboards and visualisation tools Firewalls (CheckPoint, VMware NSX) Windows More ❯

external security assessments and audits Update and maintain incident response plans, playbooks, and procedures Provide 3rd-line support to IT colleagues and the wider business Technical Skills: SIEM and SOAR platforms Log analytics, rule creation, tuning, and threat hunting Familiarity with security frameworks Azure and M365 security configuration and alert investigation Dashboards and visualisation tools Firewalls (CheckPoint, VMware NSX) Windows More ❯

external security assessments and audits Update and maintain incident response plans, playbooks, and procedures Provide 3rd-line support to IT colleagues and the wider business Technical Skills: SIEM and SOAR platforms Log analytics, rule creation, tuning, and threat hunting Familiarity with security frameworks Azure and M365 security configuration and alert investigation Dashboards and visualisation tools Firewalls (CheckPoint, VMware NSX) Windows More ❯

external security assessments and audits * Update and maintain incident response plans, playbooks, and procedures * Provide 3rd-line support to IT colleagues and the wider business Technical Skills:* SIEM and SOAR platforms Log analytics, rule creation, tuning, and threat hunting * Familiarity with security frameworks * Azure and M365 security configuration and alert investigation * Dashboards and visualisation tools * Firewalls (CheckPoint, VMware NSX) * Windows More ❯

4+ years of experience with endpoint platforms, including hands-on work with forensics, EDR/SIEM, and incident response systems. Familiarity with the security operations landscape, including SIEM, XDR, SOAR, ASM, and SOC workflows. Experience in building SOC workflows, supporting incident response, and integrating security tools into enterprise environments. At least 2 years of hands-on experience with one or More ❯

Up to £78,500 (DOE) + Bonus Working arrangement: Hybrid Office Location: Portsmouth As a Senior Security Engineer, you will: Design, deploy, and maintain core SOC technologies (SIEM, EDR, SOAR, threat intelligence, and logging infrastructure). Develop and optimise detection use cases, correlation rules, and analytics content. Build and maintain automation workflows and integrations using automation platforms or custom scripting. … and cloud security (Azure, AWS, or M365). Solid understanding of network, system, and identity security fundamentals. Excellent problem-solving skills and a passion for continuous improvement. Experience with SOAR platforms (e.g., Microsoft Sentinel Automation, Cortex XSOAR, Splunk SOAR). Knowledge of MITRE ATT&CK mapping and detection engineering frameworks. Infrastructure-as-Code experience (Terraform, Bicep, or ARM templates). More ❯

Up to £78,500 (DOE) + Bonus Working arrangement: Hybrid Office Location: Portsmouth As a Senior Security Engineer, you will: Design, deploy, and maintain core SOC technologies (SIEM, EDR, SOAR, threat intelligence, and logging infrastructure). Develop and optimise detection use cases, correlation rules, and analytics content. Build and maintain automation workflows and integrations using automation platforms or custom scripting. … and cloud security (Azure, AWS, or M365). Solid understanding of network, system, and identity security fundamentals. Excellent problem-solving skills and a passion for continuous improvement. Experience with SOAR platforms (e.g., Microsoft Sentinel Automation, Cortex XSOAR, Splunk SOAR). Knowledge of MITRE ATT&CK mapping and detection engineering frameworks. Infrastructure-as-Code experience (Terraform, Bicep, or ARM templates). More ❯

strongly preferred). Expertise in IAM technologies (SailPoint, Okta, Azure AD, CyberArk, Ping Identity), DLP platforms (Symantec, Microsoft Purview, Forcepoint, Digital Guardian), and security engineering tools (EDR, CSPM, SIEM, SOAR, vulnerability management). Strong knowledge of Zero Trust, data protection regulations (GDPR, FCA, PRA), cloud-native security, and DevSecOps practices. Exceptional leadership, communication, and stakeholder engagement skills, with the ability More ❯

level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge More ❯

level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge More ❯

level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge More ❯

level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge More ❯

cybersecurity threats and trends. Familiarity with NCSC CAF, ONR SyAPs, and ISO27001 frameworks. Nice to have: Experience in complex, regulated environments, especially Critical National Infrastructure (CNI). Awareness of SOAR platforms and automation in incident response. Immediate availability If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call More ❯

currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting … and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background … SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would … security alerts and incidents in Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU More ❯

Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would … security alerts and incidents in Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU More ❯

and custom detections Familiarity with adversary TTPs and the MITRE ATT&CK framework Experience with endpoint forensics, malware analysis, and security event correlation Hands-on experience with SIEM and SOAR platforms Solid understanding of operating system internals (macOS, Windows, Linux) Experience with security in a SaaS environment and working closely with engineering teams Background in using DevOps toolsets and programming More ❯

through both predictive and reactive analysis, articulating emerging trends to leadership and staff. Use data collected from Cyber Defence tools firewalls, IDS, network traffic, UEBA (User Entity Behaviour Analysis), Security Orchestration and Automated Response (SOAR) etc. to analyse events that occur within the environments. Respond to and correlate alerts from various detective and preventative Cyber Security tools such as Security More ❯

Workspace security, Proofpoint (email security). Azure guardrails (Entra/Conditional Access, Azure Policy/PaC), Kubernetes context for platform integrations. Experience integrating CNAPP/CSPM or SIEM/SOAR signals into advisory workflows. Why join Shape a green-field Security Platform capability with real impact across dozens of teams. Modern stack, supportive culture, funded training/certifications and clear More ❯

Workspace security, Proofpoint (email security). Azure guardrails (Entra/Conditional Access, Azure Policy/PaC), Kubernetes context for platform integrations. Experience integrating CNAPP/CSPM or SIEM/SOAR signals into advisory workflows. Why join Shape a green-field Security Platform capability with real impact across dozens of teams. Modern stack, supportive culture, funded training/certifications and clear More ❯