26 to 44 of 44 SOAR Jobs in the UK

technical complexity into clear business outcomes Confidence presenting to both technical and non-technical stakeholders A solid understanding of modern security architectures, including SIEM, SOAR, and managed security services Exposure to advanced security domains such as DDoS protection, WAF, IAM, EDR, MDM, and vulnerability management Continuous learning is a core ...

technical complexity into clear business outcomes Confidence presenting to both technical and non-technical stakeholders A solid understanding of modern security architectures, including SIEM, SOAR, and managed security services Exposure to advanced security domains such as DDoS protection, WAF, IAM, EDR, MDM, and vulnerability management Continuous learning is a core ...

and Major Incident Management (MIM), with a disciplined post-incident review culture. Excellent troubleshooting skills across multiple layers: Network Identity Endpoint Proxy SIEM/SOAR What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your ...

and Major Incident Management (MIM), with a disciplined post-incident review culture. Excellent troubleshooting skills across multiple layers: Network Identity Endpoint Proxy SIEM/SOAR What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your ...

and Major Incident Management (MIM), with a disciplined post-incident review culture. Excellent troubleshooting skills across multiple layers: Network Identity Endpoint Proxy SIEM/SOAR What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your ...

ISACs, OSINT) into practical detections and control improvements Identifying gaps in monitoring and enhancing detection capabilities Supporting deployment and automation of security tooling (SIEM, SOAR, EDR, DLP, WAF, email security) Developing automation using Python, Bash, or PowerShell Acting as an escalation point for junior analysts and helping guide them About … experience in at least two of: detection engineering, incident response, security engineering, threat hunting, or threat intelligence Strong experience with security tooling (SIEM, SOAR, EDR, DLP) Understanding of MITRE ATT&CK, cyber kill chain, and attacker tradecraft Experience investigating complex security incidents across applications and infrastructure Familiarity with offensive tools ...

and enterprise IGA architecture. Strong understanding of identity lifecycle management, access governance, and Zero Trust security principles. Hands-on experience integrating SailPoint with SIEM, SOAR, PAM, and directory platforms. Experience contributing to enterprise architecture and security governance frameworks. Contract Details: Duration: 6 months Initially Day Rate: £600 per day (Inside ...

ensuring data quality and analytical integrity. 3. Automation & Workflow Optimization - Design and implement automation workflows within the TIP to reduce analyst toil. - Work with SOAR platforms and scripting tools to enable intelligence-driven response actions. - Optimize scoring, deduplication, false-positive reduction, and prioritization logic. - Collaborate with engineers to expose … configuring, and operating TIPs in production environments. - Strong understanding of STIX 2.x, TAXII, IOC lifecycle management, and intelligence ontologies. - Experience integrating TIPs with SIEM, SOAR, EDR, and vulnerability management tools. - Proven ability to customize workflows, scoring models, enrichment logic, and automation. Technical & Platform Skills - Strong familiarity with APIs, JSON, Python ...

including infrastructure, data ingestion pipelines, and cloud security posture components. Lead the implementation and optimization of Microsoft security technologies such as Sentinel , Defender XDR , SOAR , and integrations involving DevOps (IDE/CI/CD) and Cribl . Develop advanced security analytics, threat intelligence models, and monitoring capabilities for cloud and … best practices, and innovation within the enterprise security architecture domain. Required Skills & Expertise Deep expertise in enterprise security technologies, especially: Microsoft Sentinel Defender XDR SOAR DevOps security (IDE/CI/CD) Cribl Strong hands-on experience with: Azure Security services Cloud Security Posture Management (CSPM) Data ingestion frameworks Security ...

with enterprise architecture standards, secure by design principles, and regulatory requirements. - development of data ingestion, telemetry, and integration patterns between Darktrace, Defender, SIEM/SOAR tools, and existing security stacks. - production of architecture decision records, design patterns, and technical documentation for long-term maintainability. - Leading technical delivery workstreams, providing direction … across both platforms. - Coordinate testing, validation, and acceptance of detection capabilities, including simulation of realistic attack techniques. - Integrate Darktrace and Defender outputs into SIEM, SOAR, and ticketing systems. - Work with SOC and automation teams to design playbooks, response workflows, and escalation paths. - Ensure centralised logging, enrichment, and context tagging ...

teams during major incidents, drive containment and recovery, and own post-incident reviews and playbooks. The role includes mentoring CIRT analysts , enhancing SIEM/SOAR automation, and continuously improving processes using frameworks such as MITRE ATT&CK, NIST 800-61, and PCI DSS. What this job is really about Owning … runbook.? You've used InsightIDR or another MDR/SIEM platform for rule creation, tuning and dashboards, and you're not afraid of SOAR tools like InsightConnect or Cortex XSOAR.? Python or PowerShell are part of your toolkit, and retail networks, POS systems, and cloud infrastructure don't intimidate you. ...

security strategy. Apply foundational security principles to new technologies and unconventional scenarios while enabling organisational objectives. What We're Looking For SIEM/SOAR: Proficiency in SIEM concepts, data source integration, and creating SOAR runbooks. Security Stack : Hands-on with EDR, XDR, WAF, and email security solutions. Preferred Vendors: Experience ...

requirements Create and refine SIEM correlation rules, dashboards, and reports to enhance proactive threat detection and monitoring Build, deploy, and maintain automated playbooks across SOAR and related security platforms Integrate threat intelligence sources, security tools, and custom logic into automated workflows Continuously tune and optimise SIEM rules and SOAR playbooks … improve detection accuracy and reduce false positives Integrate internal and third-party systems with SIEM and SOAR platforms using APIs and custom connectors Support ongoing sprint activities, daily progress updates, and ad-hoc engineering tasks to improve SOC service delivery Contribute to post-incident reviews by developing new detections and ...

highly regulated environment, ideally in finance/banking. - Extensive knowledge of performing architecture reviews and driving cyber transformation programmes. - Strong knowledge of SIEM, SOAR, EDR/XDR, threat intelligence platforms, logging and monitoring frameworks. - Excellent communication and stakeholder management skills. Responsibilities - Perform a detailed analysis of the organisation's existing … cyber security operations. - Map out the current architecture, identifying strengths, weaknesses, gaps and inefficiencies. - Advise senior leadership on SecOps strategy, covering tooling, SIEM/SOAR use, incident response maturity, vendor consolidation and internal capability development. - Create actionable remediation plans and strategic roadmaps for long-term cyber resilience. What you need ...

Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved to enhance client experience and satisfaction. Provide high level SME knowledge … systems (Windows/Linux), Active Directory/identity management, and permissions-based controls. Hands-on experience designing detection content, use cases, tuning, suppression, and SOAR workflows, with understanding of data pipelines and connector optimisation. Proven track record in technical account management, client-facing technical leadership, or equivalent, with ownership ...

months, ideally in regulated or high-availability environments. End-to-End Programme Ownership Full lifecycle ownership of major initiatives including MDR consolidation, SIEM, SOAR, and security data lake deployments , delivering measurable business outcomes. Formal RFP & Vendor Management Expertise Proven experience authoring RFPs, evaluating vendors, and overseeing complex onboarding and integration. … clear understanding of what succeeds (and fails) under real-world pressure. Vendor-Neutral Technical Leadership Ability to navigate and apply leading MDR, SIEM, SOAR, and data lake technologies agnostically to the problem being solved. AI & Automation Proficiency Practical experience implementing agentic assistance and managing semi-autonomous security systems. Security Architecture ...

team across onboarding and live service activity • Own technical delivery during customer onboarding and transition • Oversee Sentinel connector deployment, Defender integration, rule tuning and SOAR playbooks • Ensure structured service handover into SOC operations with clear documentation • Act as escalation point for complex engineering issues in live environments • Maintain SLA adherence … Microsoft Sentinel and Defender XDR • Deep understanding of Azure security architecture and ingestion strategy • Proven experience configuring connectors and tuning detection rules • Experience with SOAR platforms • Strong KQL capability • Ability to manage competing priorities in fast-paced environments • Experience managing ingestion costs or cloud service optimisation • Confident customer communication Desirable ...

sprint planning, stand-ups, reviews, and retrospectives Monitor progress across multiple initiatives, identifying risks, dependencies, and blockers Coordinate cross-functional teams to deliver SIEM, SOAR, and automation-related enhancements Ensure effective prioritisation of detection use cases, integrations, and automation initiatives Track ad-hoc tasks and continuous improvement activities to enhance … projects Strong background in agile delivery and sprint-based project environments Excellent organisational and stakeholder management skills Ability to coordinate technical teams delivering SIEM, SOAR, and security engineering outcomes Experience managing competing priorities in a fast-paced operational environment Strong risk, dependency, and issue management capability Effective communicator with ...

technical design for Network Security services, including: Zero Trust Network Access (ZTNA) NGFW, NAC, IDS/IPS Proxy services SIEM/SOAR integrations Define and assure non-functional requirements (availability, scalability, performance, security, operability) Maintain architecture diagrams, security workflows, threat models, and integration contracts aligned with governance standards (e.g. NIST … operating enterprise network security platforms Deep hands-on expertise in one or more of: ZTNA, NGFW, NAC, IDS/IPS Proxy services SIEM/SOAR integrations Strong understanding of Zero Trust Architecture and policy-based access control Proven DevSecOps, IaC, and CI/CD experience Solid grounding in ITIL, major ...