51 to 75 of 91 SOAR Jobs in the UK excluding London

Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would … security alerts and incidents in Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU More ❯

Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would … security alerts and incidents in Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU More ❯

multinational organisations in designing and implementing an organisation’s security operations program, organisational structures, and capabilities Possess a deep technical knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response/Next Gen Protection and Response (EDR/XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired More ❯

multinational organisations in designing and implementing an organisation’s security operations program, organisational structures, and capabilities Possess a deep technical knowledge in Security Incident and Event Management (SIEM) platforms, Security Orchestration and Response (SOAR) technologies, Endpoint Protection and Response/Next Gen Protection and Response (EDR/XDR) tools, Next GenFirewalls, Threat Intelligence and Hunting platforms Defensive Security Skills (desired More ❯

and custom detections Familiarity with adversary TTPs and the MITRE ATT&CK framework Experience with endpoint forensics, malware analysis, and security event correlation Hands-on experience with SIEM and SOAR platforms Solid understanding of operating system internals (macOS, Windows, Linux) Experience with security in a SaaS environment and working closely with engineering teams Background in using DevOps toolsets and programming More ❯

through both predictive and reactive analysis, articulating emerging trends to leadership and staff. Use data collected from Cyber Defence tools firewalls, IDS, network traffic, UEBA (User Entity Behaviour Analysis), Security Orchestration and Automated Response (SOAR) etc. to analyse events that occur within the environments. Respond to and correlate alerts from various detective and preventative Cyber Security tools such as Security More ❯

Workspace security, Proofpoint (email security). Azure guardrails (Entra/Conditional Access, Azure Policy/PaC), Kubernetes context for platform integrations. Experience integrating CNAPP/CSPM or SIEM/SOAR signals into advisory workflows. Why join Shape a green-field Security Platform capability with real impact across dozens of teams. Modern stack, supportive culture, funded training/certifications and clear More ❯

Workspace security, Proofpoint (email security). Azure guardrails (Entra/Conditional Access, Azure Policy/PaC), Kubernetes context for platform integrations. Experience integrating CNAPP/CSPM or SIEM/SOAR signals into advisory workflows. Why join Shape a green-field Security Platform capability with real impact across dozens of teams. Modern stack, supportive culture, funded training/certifications and clear More ❯

Workspace security, Proofpoint (email security). Azure guardrails (Entra/Conditional Access, Azure Policy/PaC), Kubernetes context for platform integrations. Experience integrating CNAPP/CSPM or SIEM/SOAR signals into advisory workflows. Why join Shape a green-field Security Platform capability with real impact across dozens of teams. Modern stack, supportive culture, funded training/certifications and clear More ❯

will work with enterprise clients, and internally, to perform threat-informed detection engineering and threat research, implement security data lakes, SIEM and data pipelines strategies and transform response with SOAR and AI-SOC tooling. You will have the opportunity to shape everything from our technical architecture and services to our company culture, while working on innovative detection engineering challenges. Core … Sigma, YAML, SPL, KQL, YARA-L, CoreTIDE. Procient with Python, Git/GitHub and developing security tooling integrations and automations Hands-on experience with Splunk Cloud, Enterprise Security, and SOAR Deep understanding of MITRE ATT&CK and how to apply it practically Familiarity with offensive security concepts, attacker tradecraft or incident response Excellent technical writing and documentation skills Comfortable presenting More ❯

work to support on. We're looking for well-rounded Cyber Specialists with proven expertise within the Microsoft Ecosystem, including Azure Sentinel & Active Directory , as well as experience with SOAR . Contract Details: Cyber Specialist 6 Months - extensions likely Hybrid - 1x per week in Brighton ASAP Start - as soon as Monday 13th October. £550 - 650/day Inside IR35 Please More ❯

work to support on. We're looking for well-rounded Cyber Specialists with proven expertise within the Microsoft Ecosystem, including Azure Sentinel & Active Directory , as well as experience with SOAR . Contract Details: Cyber Specialist 6 Months - extensions likely Hybrid - 1x per week in Brighton ASAP Start - as soon as Monday 13th October. £550 - 650/day Inside IR35 Please More ❯

who enjoys building, optimising, and automating SOC infrastructure. This role sits within a growing Cyber Defence operation where you’ll help design and maintain the platforms behind SIEM, EDR, SOAR, and threat intelligence tooling, improving detection coverage and enabling analysts to respond faster. Key responsibilities: Engineer and maintain SIEM, EDR, SOAR, and logging platforms. Develop automation and integrations using scripting … platforms such as Sentinel, Splunk, Defender, or Elastic. Scripting/automation ability (PowerShell, KQL, Python, etc.). Understanding of Azure/AWS cloud and network fundamentals. Desirable: Experience with SOAR tools or Infrastructure-as-Code (Terraform, Bicep, ARM). Knowledge of MITRE ATT&CK mapping or threat detection frameworks. What’s in it for you: Flexible hybrid working, paid certifications More ❯

for one or more of the following vendors: Fortinet, Palo Alto, Juniper, Cisco, Netskope, Zscaler, CrowdStrike. We would also love to receive applications from people with skills solutioning SIEM, SOAR, or Managed Security Services (experience in DDoS, WAF, IDAM, EDR, MDM or Vulnerability Management is a plus). We are also interested to hear from candidates with operational expertise in More ❯

support employees efforts to make a positive impact Company social events and competitions Discount and Cashback Scheme Group Income Protection Life Insurance EAP and Virtual GP Service Ready to soar with Air IT? Apply now and be part of something extraordinary! Air IT are equal opportunities employers, who value diversity and are strongly committed to providing equal employment opportunities for More ❯

support employees efforts to make a positive impact Company social events and competitions Discount and Cashback Scheme Group Income Protection Life Insurance EAP and Virtual GP Service Ready to soar with Air IT? Apply now and be part of something extraordinary! Air IT are equal opportunities employers, who value diversity and are strongly committed to providing equal employment opportunities for More ❯

support employees efforts to make a positive impact Company social events and competitions Discount and Cashback Scheme Group Income Protection Life Insurance EAP and Virtual GP Service Ready to soar with Air IT? Apply now and be part of something extraordinary! Air IT are equal opportunities employers, who value diversity and are strongly committed to providing equal employment opportunities for More ❯

Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR platform, creating automated workflows and improving response efficiency. Perform digital forensics investigations, analysing logs, network data, and system artefacts to determine root causes. Participate in cyber crisis simulation exercises and … related discipline, or equivalent professional experience. Industry-recognised certifications such as CISSP, GIAC/GCIA/GCIH, AZ-500, CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS/IPS, NAC, DLP, and related security technologies. Familiarity with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO/IEC 27001/27002. Hands-on experience More ❯

Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR platform, creating automated workflows and improving response efficiency. Perform digital forensics investigations, analysing logs, network data, and system artefacts to determine root causes. Participate in cyber crisis simulation exercises and … related discipline, or equivalent professional experience. Industry-recognised certifications such as CISSP, GIAC/GCIA/GCIH, AZ-500, CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS/IPS, NAC, DLP, and related security technologies. Familiarity with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO/IEC 27001/27002. Hands-on experience More ❯

across multiple environments, driving innovation in automation, detection, and SOC transformation. You’ll be part of a growing Professional Services team, working with a broad mix of technologies including SOAR, SIEM, XDR, vulnerability and exposure management, and cloud security platforms . Expect a healthy mix of customer-facing projects and internal innovation work. What you’ll be doing: Designing, building … and automating security operations tooling (SOAR, SIEM, XDR) Delivering technical consultancy across detection engineering, integration, and process improvement Developing custom playbooks, parsers, and automation frameworks Running vulnerability and exposure assessments using leading tools Helping customers mature and optimise their SOC functions What you’ll bring: Proven experience in Security Operations, SOC Engineering, or Cyber Consultancy Strong scripting and automation skills … Python, PowerShell, REST APIs) Practical knowledge of SIEM and SOAR technologies (Microsoft Sentinel, XSOAR, Logic Apps, etc.) Exposure to EDR/XDR platforms and vulnerability management tools Excellent communication and documentation skills Eligibility for SC or DV clearance Why it’s worth a look: Hybrid flexibility with regular Berkshire office collaboration Exposure to cutting-edge security tooling and lab environments More ❯

across multiple environments, driving innovation in automation, detection, and SOC transformation. You’ll be part of a growing Professional Services team, working with a broad mix of technologies including SOAR, SIEM, XDR, vulnerability and exposure management, and cloud security platforms . Expect a healthy mix of customer-facing projects and internal innovation work. What you’ll be doing: Designing, building … and automating security operations tooling (SOAR, SIEM, XDR) Delivering technical consultancy across detection engineering, integration, and process improvement Developing custom playbooks, parsers, and automation frameworks Running vulnerability and exposure assessments using leading tools Helping customers mature and optimise their SOC functions What you’ll bring: Proven experience in Security Operations, SOC Engineering, or Cyber Consultancy Strong scripting and automation skills … Python, PowerShell, REST APIs) Practical knowledge of SIEM and SOAR technologies (Microsoft Sentinel, XSOAR, Logic Apps, etc.) Exposure to EDR/XDR platforms and vulnerability management tools Excellent communication and documentation skills Eligibility for SC or DV clearance Why it’s worth a look: Hybrid flexibility with regular Berkshire office collaboration Exposure to cutting-edge security tooling and lab environments More ❯

and efficiency of our Security Operations Centre (SOC). This role is perfect for someone who thrives on solving complex technical challenges, enjoys working with tools like Splunk and SOAR, and wants to contribute to a mission that truly matters. Salary : Circa £50,000 – £60,000 depending on experience Dynamic (hybrid) working :2 days per week on-site due to … threat landscape. Key responsibilities include; Act as the subject matter expert (SME) for Splunk across all cyber security and observability use cases. Lead SOC automation initiatives using scripting and SOAR tools, optimising processes through AI and ML technologies. Support alert tuning, connectivity, and visibility across monitored networks and infrastructure. Maintain and document SOC integrations, ensuring accurate configuration and performance visibility. More ❯

and efficiency of our Security Operations Centre (SOC). This role is perfect for someone who thrives on solving complex technical challenges, enjoys working with tools like Splunk and SOAR, and wants to contribute to a mission that truly matters. Salary : Circa £50,000 - £60,000 depending on experience Dynamic (hybrid) working : 2 days per week on-site due to … threat landscape. Key responsibilities include; Act as the subject matter expert (SME) for Splunk across all cyber security and observability use cases. Lead SOC automation initiatives using scripting and SOAR tools, optimising processes through AI and ML technologies. Support alert tuning, connectivity, and visibility across monitored networks and infrastructure. Maintain and document SOC integrations, ensuring accurate configuration and performance visibility. More ❯

UK (Hybrid - 3 days/week) Type of employment - Contract (Initially 6 months) Job Description: Role: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure … OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics. More ❯

UK (Hybrid - 3 days/week) Type of employment - Contract (Initially 6 months) Job Description: Role: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure … OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics. More ❯