will work with enterprise clients, and internally, to perform threat-informed detection engineering and threat research, implement security data lakes, SIEM and data pipelines strategies and transform response with SOAR and AI-SOC tooling. You will have the opportunity to shape everything from our technical architecture and services to our company culture, while working on innovative detection engineering challenges. Core … Sigma, YAML, SPL, KQL, YARA-L, CoreTIDE. Proficient with Python, Git/GitHub and developing security tooling integrations and automations Hands-on experience with Splunk Cloud, Enterprise Security, and SOAR Deep understanding of MITRE ATT&CK and how to apply it practically Familiarity with offensive security concepts, attacker tradecraft or incident response Excellent technical writing and documentation skills Comfortable presenting
Portsmouth, Hampshire, England, United Kingdom Hybrid / WFH Options
Franklin Fitch
who enjoys building, optimising, and automating SOC infrastructure. This role sits within a growing Cyber Defence operation where you’ll help design and maintain the platforms behind SIEM, EDR, SOAR, and threat intelligence tooling, improving detection coverage and enabling analysts to respond faster. Key responsibilities: Engineer and maintain SIEM, EDR, SOAR, and logging platforms. Develop automation and integrations using scripting … platforms such as Sentinel, Splunk, Defender, or Elastic. Scripting/automation ability (PowerShell, KQL, Python, etc.). Understanding of Azure/AWS cloud and network fundamentals. Desirable: Experience with SOAR tools or Infrastructure-as-Code (Terraform, Bicep, ARM). Knowledge of MITRE ATT&CK mapping or threat detection frameworks. What’s in it for you: Flexible hybrid working, paid certifications
Manchester, Lancashire, United Kingdom Hybrid / WFH Options
Nomios
for one or more of the following vendors: Fortinet, Palo Alto, Juniper, Cisco, Netskope, Zscaler, CrowdStrike. We would also love to receive applications from people with skills solutioning SIEM, SOAR, or Managed Security Services (experience in DDoS, WAF, IDAM, EDR, MDM or Vulnerability Management is a plus). We are also interested to hear from candidates with operational expertise in
Crawley, Sussex, United Kingdom Hybrid / WFH Options
Morson Edge
Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR platform, creating automated workflows and improving response efficiency. Perform digital forensics investigations, analysing logs, network data, and system artefacts to determine root causes. Participate in cyber crisis simulation exercises and … related discipline, or equivalent professional experience. Industry-recognised certifications such as CISSP, GIAC/GCIA/GCIH, AZ-500, CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS/IPS, NAC, DLP, and related security technologies. Familiarity with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO/IEC 27001/27002. Hands-on experience
Crawley, West Sussex, South East, United Kingdom Hybrid / WFH Options
Morson Edge
Security Service Provider (MSSP) and internal teams to ensure complete log source integration and effective alert correlation across cloud and on-prem environments. Support and develop the organisation's SOAR platform, creating automated workflows and improving response efficiency. Perform digital forensics investigations, analysing logs, network data, and system artefacts to determine root causes. Participate in cyber crisis simulation exercises and … related discipline, or equivalent professional experience. Industry-recognised certifications such as CISSP, GIAC/GCIA/GCIH, AZ-500, CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS/IPS, NAC, DLP, and related security technologies. Familiarity with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO/IEC 27001/27002. Hands-on experience
across multiple environments, driving innovation in automation, detection, and SOC transformation. You’ll be part of a growing Professional Services team, working with a broad mix of technologies including SOAR, SIEM, XDR, vulnerability and exposure management, and cloud security platforms. Expect a healthy mix of customer-facing projects and internal innovation work. What you’ll be doing: Designing, building … and automating security operations tooling (SOAR, SIEM, XDR) Delivering technical consultancy across detection engineering, integration, and process improvement Developing custom playbooks, parsers, and automation frameworks Running vulnerability and exposure assessments using leading tools Helping customers mature and optimise their SOC functions What you’ll bring: Proven experience in Security Operations, SOC Engineering, or Cyber Consultancy Strong scripting and automation skills … Python, PowerShell, REST APIs) Practical knowledge of SIEM and SOAR technologies (Microsoft Sentinel, XSOAR, Logic Apps, etc.) Exposure to EDR/XDR platforms and vulnerability management tools Excellent communication and documentation skills Eligibility for SC or DV clearance Why it’s worth a look: Hybrid flexibility with regular Berkshire office collaboration Exposure to cutting-edge security tooling and lab environments
Stevenage, Hertfordshire, England, United Kingdom Hybrid / WFH Options
MBDA
and efficiency of our Security Operations Centre (SOC). This role is perfect for someone who thrives on solving complex technical challenges, enjoys working with tools like Splunk and SOAR, and wants to contribute to a mission that truly matters. Salary: Circa £50,000 – £60,000 depending on experience Dynamic (hybrid) working: 2 days per week on-site due to … threat landscape. Key responsibilities include: Act as the subject matter expert (SME) for Splunk across all cyber security and observability use cases. Lead SOC automation initiatives using scripting and SOAR tools, optimising processes through AI and ML technologies. Support alert tuning, connectivity, and visibility across monitored networks and infrastructure. Maintain and document SOC integrations, ensuring accurate configuration and performance visibility.
Stevenage, Hertfordshire, South East, United Kingdom Hybrid / WFH Options
MBDA
and efficiency of our Security Operations Centre (SOC). This role is perfect for someone who thrives on solving complex technical challenges, enjoys working with tools like Splunk and SOAR, and wants to contribute to a mission that truly matters. Salary: Circa £50,000 - £60,000 depending on experience Dynamic (hybrid) working: 2 days per week on-site due to … threat landscape. Key responsibilities include: Act as the subject matter expert (SME) for Splunk across all cyber security and observability use cases. Lead SOC automation initiatives using scripting and SOAR tools, optimising processes through AI and ML technologies. Support alert tuning, connectivity, and visibility across monitored networks and infrastructure. Maintain and document SOC integrations, ensuring accurate configuration and performance visibility.
Bristol, Gloucestershire, United Kingdom Hybrid / WFH Options
across the entire IT estate. Familiarity with endpoint protection platforms and vulnerability management tools. Experience securing hybrid identity solutions and federated authentication models Understanding of security automation concepts, including security orchestration and response (SOAR) including ability to script or automate repetitive tasks. Experience producing security artefacts and configuration documentation, including risk assessments, security design records, hardening standards, control implementation guides
Coventry, England, United Kingdom Hybrid / WFH Options
NLB Services
UK (Hybrid - 3 days/week) Type of employment - Contract (Initially 6 months) Job Description: Role: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure … OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics.
leicester, midlands, united kingdom Hybrid / WFH Options
NLB Services
UK (Hybrid - 3 days/week) Type of employment - Contract (Initially 6 months) Job Description: Role: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure … OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics.
binley, midlands, united kingdom Hybrid / WFH Options
NLB Services
UK (Hybrid - 3 days/week) Type of employment - Contract (Initially 6 months) Job Description: Role: 10+ years of experience in Cyber security Designing & implementation on Network Security, SIEM, SOAR & Threat Intelligence. Key Responsibilities: Lead Sentinel Deployment for OT SOC Architect and implement Microsoft Sentinel across global OT environments to centralize security monitoring and incident response. Log Source Integration Configure … OT landscape. Incident Response Automation Design and implement playbooks using Logic Apps to automate incident response workflows for common OT security events. Execution of the use cases on SIEM, SOAR & Threat Intelligence Build custom workbooks and dashboards to visualize OT security posture, threat trends, and SOC performance metrics.
tools such as firewalls, intrusion detection/prevention systems, SIEM solutions (i.e. Splunk, Exabeam, Sentinel, Chronicle) and endpoint security platforms to the level of administration and deployment. Exposure to SOAR tools, observability tools and data stream processing tools Hands-on experience with vulnerability assessment tools, penetration testing methodologies and forensic analysis techniques. Experience in writing content/policies for monitoring
london (city of london), south east england, united kingdom
RiverSafe
tools such as firewalls, intrusion detection/prevention systems, SIEM solutions (i.e. Splunk, Exabeam, Sentinel, Chronicle) and endpoint security platforms to the level of administration and deployment. Exposure to SOAR tools, observability tools and data stream processing tools Hands-on experience with vulnerability assessment tools, penetration testing methodologies and forensic analysis techniques. Experience in writing content/policies for monitoring
the largest companies in the world, to conceptualize and implement new and inventive ways to integrate our products as well as our data within their systems (i.e. SIEM, TIP, SOAR technologies). As a Solutions Engineer, you will have a dual focus, developing net new relationships by supporting the Regional Sales Director as well as championing adoption with existing customers … OS, Browser, OSI Stack, DNS, Domain Registration, TCP/IP and networking technologies. Good understanding of various firewall and web proxy technologies. Working knowledge of SIEM/TIP/SOAR platforms. Familiarity with JSON/RESTful API endpoints. Familiarity with Big Data concepts and the management of large on-premise datasets.
london (city of london), south east england, united kingdom
DomainTools
the largest companies in the world, to conceptualize and implement new and inventive ways to integrate our products as well as our data within their systems (i.e. SIEM, TIP, SOAR technologies). As a Solutions Engineer, you will have a dual focus, developing net new relationships by supporting the Regional Sales Director as well as championing adoption with existing customers … OS, Browser, OSI Stack, DNS, Domain Registration, TCP/IP and networking technologies. Good understanding of various firewall and web proxy technologies. Working knowledge of SIEM/TIP/SOAR platforms. Familiarity with JSON/RESTful API endpoints. Familiarity with Big Data concepts and the management of large on-premise datasets.
with the addition of a Technical Consultant. As a Technical Consultant, you’ll bring expertise across Core Networking (Netskope, Fortinet, Palo Alto, or Juniper) or Cyber Security (SIEM, SOAR), helping to design and deliver enterprise-level solutions for clients across the UK. This is an excellent opportunity to join a dynamic, fast-growing business where innovation, technical excellence, and … on expertise with leading vendors such as Netskope, Fortinet, Palo Alto, or Juniper Networks, including the design and support of enterprise-grade architectures, or, a strong understanding of SIEM, SOAR, and Managed Security Services, with the ability to translate technical capabilities into clear business value. Additional knowledge of DDoS protection, Web Application Firewalls (WAF), Endpoint Detection & Response (EDR), Identity
warrington, cheshire, north west england, united kingdom
Areti Group | B Corp™
with the addition of a Technical Consultant. As a Technical Consultant, you’ll bring expertise across Core Networking (Netskope, Fortinet, Palo Alto, or Juniper) or Cyber Security (SIEM, SOAR), helping to design and deliver enterprise-level solutions for clients across the UK. This is an excellent opportunity to join a dynamic, fast-growing business where innovation, technical excellence, and … on expertise with leading vendors such as Netskope, Fortinet, Palo Alto, or Juniper Networks, including the design and support of enterprise-grade architectures, or, a strong understanding of SIEM, SOAR, and Managed Security Services, with the ability to translate technical capabilities into clear business value. Additional knowledge of DDoS protection, Web Application Firewalls (WAF), Endpoint Detection & Response (EDR), Identity
bolton, greater manchester, north west england, united kingdom
Areti Group | B Corp™
with the addition of a Technical Consultant. As a Technical Consultant, you’ll bring expertise across Core Networking (Netskope, Fortinet, Palo Alto, or Juniper) or Cyber Security (SIEM, SOAR), helping to design and deliver enterprise-level solutions for clients across the UK. This is an excellent opportunity to join a dynamic, fast-growing business where innovation, technical excellence, and … on expertise with leading vendors such as Netskope, Fortinet, Palo Alto, or Juniper Networks, including the design and support of enterprise-grade architectures, or, a strong understanding of SIEM, SOAR, and Managed Security Services, with the ability to translate technical capabilities into clear business value. Additional knowledge of DDoS protection, Web Application Firewalls (WAF), Endpoint Detection & Response (EDR), Identity