26 to 50 of 61 SOAR Jobs in the UK excluding London

be responsible for detecting, responding and mitigating cyber-attacks on our clients customers networks within their Security Operations Centres using a combination of our SOAR, Elastic and the Microsoft XDR ecosystem to deliver effective and appropriate defences for our client. Previus experience with Sentinel 1 would be highly benefitial. This More ❯

etc). An understanding of cloud-native infrastructure (e.g. microservices, containerisation, Kubernetes, serverless computing). An understanding and/or experience with SIEM, SOAR and EDR. Knowledge and/or understanding of data and analytics in terms of cybersecurity implications. Missing skills? Let us be the judge! BMT are passionate More ❯

workshops, represent the project at key meetings such as the ADF, TDAs etc. Represent the project across all technical discussions relating to Splunk. Onboarding, SOAR, Attack Analyzer etc. Requirements: Splunk SaaS experience and expertise as a lead architect and/or engineer A credible technology leader who can drive through More ❯

conduct forensic investigations, and support remediation efforts. Vulnerability Management – Identify, assess, and report on security risks, ensuring proactive mitigation strategies. Security Automation & Intelligence – Leverage SOAR platforms and threat intelligence tools to enhance detection capabilities and streamline responses. Collaboration & Communication – Work closely and collaborate with senior analysts and clients to keep More ❯

Center, AzureSentinel). Experiencewith security features and configurations. Proven experience of migrating from Cyber Essentialsto the Cyber Assessment Framework (CAF). Proven experience implementing SOAR services. StrongKnowledge of Windows Server security and Active Directory. Familiaritywith security frameworks and standards (e.g., NIST, ISO 27001). Experiencewith security tools and technologies (e.g. More ❯

to threats, investigation, and triage of day-to-day security events. Key requirements Experience in deploying security related IaC projects at scale. Familiarity with SOAR and optimisation of Security Controls using automation. Experience working with multi cloud environments (specifically AWS and Azure). Incident response and threat hunting experience. Strong More ❯

partners and customers. Familiarity with current security technologies including one or more of the following: Next-Generation Anti-virus, Endpoint Detection and Response (EDR), Security Orchestration, Automation, and Response (SOAR), Security Information and Event Management (SIEM, particularly Splunk and/or Splunk Cloud), firewalls, and other core security products. (e.g. More ❯

years of experience as a SOC/Security Engineer within a cloud environment Strong CrowdStrike experience is needed Experience with a range of SIEM, SOAR and vulnerability management tools Experience advising on security best practices and developing SOC playbooks Networking and infrastructure experience, including with Firewalls and IDS/IPS More ❯

cyber threat intelligence models and frameworks like the Diamond Model, MITRE ATT&CK etc Familiarity with email security tools and/or SIEM/SOAR tooling like Splunk/Sentinel etc Relevant cyber or intelligence qualifications such as CCTIM, GCTI etc More ❯

cyber threat intelligence models and frameworks like the Diamond Model, MITRE ATT&CK etc Familiarity with email security tools and/or SIEM/SOAR tooling like Splunk/Sentinel etc Relevant cyber or intelligence qualifications such as CCTIM, GCTI etc More ❯

cyber threat intelligence models and frameworks like the Diamond Model, MITRE ATT&CK etc Familiarity with email security tools and/or SIEM/SOAR tooling like Splunk/Sentinel etc Relevant cyber or intelligence qualifications such as CCTIM, GCTI etc JBRP1_UKTJ More ❯

cyber threat intelligence models and frameworks like the Diamond Model, MITRE ATT&CK etc Familiarity with email security tools and/or SIEM/SOAR tooling like Splunk/Sentinel etc Relevant cyber or intelligence qualifications such as CCTIM, GCTI etc JBRP1_UKTJ More ❯

helping customers get the most out of the platform’s capabilities. If you’ve got solid knowledge of the cyber ecosystem (think SIEM, EDR, SOAR, AD, firewalls, etc.) and a knack for digging into insider threat scenarios, read on. What you’ll be doing: Leading threat detection and response projects More ❯

procedures. Requirements: 7+ years in SOC leadership roles. Proven experience designing and operating Security Operations Centers. Hands-on experience with SIEM platforms Expertise implementing SOAR and Threat Intelligence solutions. More ❯

such as NDR/content filtering/FW/IPS/IDS/DDOS, EDR/MDR, DAST/SAST, Identity Access Management, SIEM & SOAR, log management. Preferable experience in Azure, AWS, Defender, Darktrace. Experience and technical knowledge in multiple areas of cyber defence operations. Experience as a Cyber Security More ❯

and hybrid environments to improve threat visibility. * Security Event Correlation & Automation: Develop advanced correlation rules, alerts, playbooks, and automation workflows using Sentinel, KQL, and SOAR integrations to enhance threat detection and response capabilities. * Cloud Threat Protection: Monitor, analyse, and strengthen security postures across cloud platforms, utilising Defender for Cloud and … and Microsoft Defender for Cloud. * Proficiency in SIEM architecture, security event correlation, log ingestion, and cloud security analytics. * Hands-on experience with security automation (SOAR), threat intelligence platforms, and log parsing techniques. * Strong understanding of MITRE ATT&CK framework, Zero Trust, and cloud security best practices. * Knowledge of Azure, AWS More ❯

within an MSP environment, with a strong understanding of managed security services. Technical Expertise: Hands-on experience with security technologies such as SIEM, EDR, SOAR, vulnerability and exposure management tooling, threat intelligence, and data security solutions. Pre-Sales & Consulting Experience: Proven experience in a pre-sales, solution consulting, or technical More ❯

be responsible for the delivery of Microsoft SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell, KQL) and have experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools for data … party vendors and service providers to leverage automation opportunities and ensure successful integrations. Desirable Skills and Experience: Vendor-specific certifications for Security orchestration, automation, and response platforms Ability to develop and implement long-term automation strategies aligned with security operation objectives. Ability to translate technical concepts into clear, actionable insights More ❯

be responsible for the delivery of Microsoft SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell, KQL) and have experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools for data … party vendors and service providers to leverage automation opportunities and ensure successful integrations. Desirable Skills and Experience: Vendor-specific certifications for Security orchestration, automation, and response platforms Ability to develop and implement long-term automation strategies aligned with security operation objectives. Ability to translate technical concepts into clear, actionable insights More ❯

objectives Skills and experience we are looking for in our Information Security Officer: Proficiency in security domains, tools and technologies such as DLP, SIEM, SOAR and Vulnerability Management Good working knowledge of network security, firewalls, threat management, endpoint detection and response Ability to identify, assess, and mitigate security risks and More ❯

objectives Skills and experience we are looking for in our Information Security Officer: Proficiency in security domains, tools and technologies such as DLP, SIEM, SOAR and Vulnerability Management Good working knowledge of network security, firewalls, threat management, endpoint detection and response Ability to identify, assess, and mitigate security risks and More ❯

presentations, preparing bids and tenders, creating content, and potentially contributing to blogs or videos-no two days will be the same. Experience in SIEM, SOAR, or Managed Security Services is essential. Additional hands-on experience with DDoS, WAF, IDAM, EDR, MDM , or Vulnerability Management is highly desirable. They are also More ❯

occasional blog or video if you're up for it)-no two days will look the same. If you've got experience in SIEM, SOAR, or Managed Security Services , you're exactly the kind of person they want to speak with. Any hands-on background in DDoS, WAF, IDAM, EDR More ❯

Refine and tune SIEM tools to reduce false positives and detect more sophisticated threats, ensuring optimal alert configurations. Automating Response Actions: Develop and improve SOAR playbooks to automate repetitive tasks and enhance the incident response process. Collaboration: Work closely with onshore teams to fine-tune alert volumes and contribute ideas … Defender, FireEye), IDS/IPS, firewalls, proxies, web application firewalls, and anti-virus technologies. Strong knowledge of Linux and Windows operating systems. Familiarity with SOAR technologies (e.g., IBM Resilient, Splunk Phantom, SIEMplify) and cloud platforms (e.g., AWS, Azure, O365). Experience investigating intrusions in Linux and cloud environments. Proficiency in More ❯

Refine and tune SIEM tools to reduce false positives and detect more sophisticated threats, ensuring optimal alert configurations. Automating Response Actions: Develop and improve SOAR playbooks to automate repetitive tasks and enhance the incident response process. Collaboration: Work closely with onshore teams to fine-tune alert volumes and contribute ideas … Defender, FireEye), IDS/IPS, firewalls, proxies, web application firewalls, and anti-virus technologies. Strong knowledge of Linux and Windows operating systems. Familiarity with SOAR technologies (e.g., IBM Resilient, Splunk Phantom, SIEMplify) and cloud platforms (e.g., AWS, Azure, O365). Experience investigating intrusions in Linux and cloud environments. Proficiency in More ❯