26 to 50 of 53 SOAR Jobs in the UK

equivalent Strong experience securing Microsoft cloud environments (Azure) - design, deployment, configuration and management Broad knowledge of infrastructure and security solutions, including SIEM/SOAR Proven track record designing end-to-end solutions with security Embedded across network, infrastructure, access, cloud services, controls and SecOps Experience addressing cloud-specific security challenges ...

and Terraform Technologies AWS, GCP, Azure and private Data Centers Kubernetes, Helm, Flux Distributed systems, mostly Golang based with CockroachDB and NATS SIEM/SOAR, EDR, CNAPP, and a suite of open source tools with custom integrations This is a fully remote role, please email your CV to apply ...

needs, for which you will be additionally compensated. Who You Are Keen interest in security and want to develop Experience in SIEM or SOAR Knowledge of the MITRE ATT&CK Framework or common attack and response methods Previous experience with incident response in a fast-paced environment Knowledge of Cloud ...

needs, for which you will be additionally compensated. Who You Are Keen interest in security and want to develop Experience in SIEM or SOAR Knowledge of the MITRE ATT&CK Framework or common attack and response methods Previous experience with incident response in a fast-paced environment Knowledge of Cloud ...

needs, for which you will be additionally compensated. Who You Are Keen interest in security and want to develop Experience in SIEM or SOAR Knowledge of the MITRE ATT&CK Framework or common attack and response methods Previous experience with incident response in a fast-paced environment Knowledge of Cloud ...

needs, for which you will be additionally compensated. Who You Are Keen interest in security and want to develop Experience in SIEM or SOAR Knowledge of the MITRE ATT&CK Framework or common attack and response methods Previous experience with incident response in a fast-paced environment Knowledge of Cloud ...

deal velocity Microsoft Security Knowledge: Hands-on experience with Microsoft Sentinel, Defender for Cloud and Purview Strong understanding of cloud security architecture, SIEM/SOAR and compliance frameworks (ISO 27001, NIST, GDPR) Familiarity with Azure, Microsoft 365 and hybrid environments Microsoft certifications: SC-900 essential; SC-100 and ...

Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft s security ecosystem. Experience with Tenable is beneficial … Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply ...

Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security ecosystem. Experience with Tenable is beneficial … Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply ...

define and measure control effectiveness Required Skills & Experience Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP Experience with SOAR playbooks, YARA rules, STIX, and YAML Participation in red/purple team exercises. Please apply within for further details - Alex Reeder Harvey Nash 3+ years … Proxy, and SEG tools Desirable Qualifications Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP Experience with SOAR playbooks, YARA rules, STIX, and YAML Participation in red/purple team exercises. Please apply within for further details - Alex Reeder Harvey Nash To From Record ...

define and measure control effectiveness Required Skills & Experience Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP Experience with SOAR playbooks, YARA rules, STIX, and YAML Participation in red/purple team exercises. Please apply within for further details - Alex Reeder Harvey Nash 3+ years … Proxy, and SEG tools Desirable Qualifications Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP Experience with SOAR playbooks, YARA rules, STIX, and YAML Participation in red/purple team exercises. Please apply within for further details - Alex Reeder Harvey Nash To From Record ...

Have Cloud certifications (Azure, AWS, GCP) Experience working in regulated environments (e.g., finance, government) SAFe Agile or Scrum certifications Prior experience with SIEM/SOAR integration, API security, or Identity Governance Why Join Us Play a key role in shaping enterprise-wide secure access architecture Work with a forward-thinking ...

building detections, integrations, and automation, and shaping the SOC technology roadmap. Key Requirements: Deep hands-on expertise with Microsoft Sentinel (KQL, analytic rules, UEBA, SOAR). Proven experience migrating from LogRhythm or another legacy SIEM to Sentinel. Strong experience building and tuning detections mapped to MITRE ATT&CK. Experience migrating ...

providing support to other members of the team to protect against cyber threats. Lead in the identification and the creation, maintenance and troubleshooting of SOAR playbooks, automations and enrichments. Apply critical thinking to solve unique problems in the information security space. Enhancing the processes around interacting with large datasets ...

CSPM, and CWP. Automation & Integration : Using Sentinel Graph, Microsoft Graph Security API, playbooks, Logic Apps, Power Automate. Threat Management : SIEM for detection, response, hunting; SOAR workflow design; KQL queries, custom rules, UEBA. Identity & Access Security : Entra ID, Conditional Access, Identity Protection, PIM. Email Security : Microsoft Defender for O365, Darktrace … detection and response. Understanding of compliance standards (ISO 27001, NIST CSF, GDPR, SOC 2). Familiarity with third-party integrations (e.g., Threat Intelligence Platforms, SOAR tools, Security APIs). Certifications (Preferred): Microsoft SC-100, AZ-500, SC-200, SC-300. CISSP, CCSP. Benefits - GB: Enjoy a benefits package designed ...

Microsoft Security (Defender, Sentinel, Purview, Entra) and integrate Qualys vulnerability management for continuous threat detection and remediation. Automate & Innovate: Lead the charge on automation (SOAR, IaC, workflow automation) and embed Gen AI into security operations, threat intelligence, and reporting. Set Standards: Develop and enforce security architecture standards, governance, and best … would also be of interest: Certifications in automation/cloud (Azure Solutions Architect, Terraform, GIAC), vulnerability management (Qualys, ISO 27001, NIST). Experience with SOAR, SIEM, XDR, and cloud-native security (especially Azure). Pre-sales or solution architecture exposure. What can we offer you? Through ...

identity and access, network, system, data, application, cloud and multiple product types. Proficiency in data analysis and scripting languages (e.g., PowerShell, Python). Strong Security Orchestration, Automation and Response (SOAR) knowledge. Team leadership experience with great collaboration and stakeholder management skills JBRP1_UKTJ ...

identity and access, network, system, data, application, cloud and multiple product types. Proficiency in data analysis and scripting languages (e.g., PowerShell, Python). Strong Security Orchestration, Automation and Response (SOAR) knowledge. Team leadership experience with great collaboration and stakeholder management skills ...

enriching detection and response activities and informing risk and compliance stakeholders. Technical Architecture & Integration * Design and implement a continuous monitoring reference architecture, leveraging SIEM, SOAR, UEBA, and threat intelligence. * Establish enterprise logging standards covering log coverage, retention, encryption, access, and integrity requirements. * Drive automation of monitoring workflows and correlation logic … least 5 years in security monitoring, SOC leadership, or equivalent detection & response functions. * Proven track record of building or maturing monitoring capabilities (SIEM, SOAR, telemetry pipelines, UEBA, threat intel integration). * Knowledge of log ingestion, normalization, correlation, and enrichment processes. * Familiarity with leading monitoring technologies: Splunk, DataDog, Microsoft Defender, CrowdStrike ...

lead escalated security incidents, oversee remediation and recovery actions, track incidents, liaise with partners, report findings, and apply root cause analysis with lessons learned. SOAR Development: Support and develop the SOAR platform by producing workflows to automate responses to common attack types and enhance operational playbooks. Digital Forensics: Use forensic … chain of custody requirements. Familiarity with regulatory frameworks (NCSC CAF, ISO/IEC 27001/27002, GDPR, CIS, NIST). Practical knowledge of SIEM, SOAR, EDR, AV, IDS/IPS, NAC, AD, DLP, web/email filtering, behavioural analytics, TCP/IP and OT protocols, and security applications. Understanding ...

Operations Centre (SOC). This role is perfect for someone who thrives on solving complex technical challenges, enjoys working with tools like Splunk and SOAR, and wants to contribute to a mission that truly matters. Salary : Circa £50,000 – £60,000 depending on experience Dynamic (hybrid) working :2 days … subject matter expert (SME) for Splunk across all cyber security and observability use cases. Lead SOC automation initiatives using scripting and SOAR tools, optimising processes through AI and ML technologies. Support alert tuning, connectivity, and visibility across monitored networks and infrastructure. Maintain and document SOC integrations, ensuring accurate configuration and ...

Operations Centre (SOC). This role is perfect for someone who thrives on solving complex technical challenges, enjoys working with tools like Splunk and SOAR, and wants to contribute to a mission that truly matters. Salary : Circa £50,000 - £60,000 depending on experience Dynamic (hybrid) working :2 days … subject matter expert (SME) for Splunk across all cyber security and observability use cases. Lead SOC automation initiatives using scripting and SOAR tools, optimising processes through AI and ML technologies. Support alert tuning, connectivity, and visibility across monitored networks and infrastructure. Maintain and document SOC integrations, ensuring accurate configuration and ...

Operations Centre (SOC). This role is perfect for someone who thrives on solving complex technical challenges, enjoys working with tools like Splunk and SOAR, and wants to contribute to a mission that truly matters. Salary : Circa £50,000 - £60,000 depending on experience Dynamic (hybrid) working :2 days … subject matter expert (SME) for Splunk across all cyber security and observability use cases. Lead SOC automation initiatives using scripting and SOAR tools, optimising processes through AI and ML technologies. Support alert tuning, connectivity, and visibility across monitored networks and infrastructure. Maintain and document SOC integrations, ensuring accurate configuration and ...

and develop analytic rules. Design and maintain detection rulesets, scope, plan, and track log integrations. Develop automation for alert triage and incident remediation through SOAR tools. Collaborate with Threat Detection & Response teams to ensure the SIEM platform aligns with security monitoring requirements. Participate in infrastructure projects and security tool integrations. … multiple domains (identity, access, network, systems, cloud, and applications). Proficiency in Python and/or PowerShell for data analysis and automation. Experience with SOAR platforms and security automation workflows. Excellent problem-solving, stakeholder management, and collaboration skills. Team leadership or mentoring experience is highly desirable. Preferred Technologies/Tools ...

leading the build, configuration, and integration across a vast environment. Your expertise will be crucial in defining security requirements, integrating with SIEM/SOAR platforms like Splunk, and ensuring successful deployment to Windows and RHEL endpoints. SentinelOne Architect/SME Essential Skills: Proven experience designing and deploying SentinelOne specifically within … produce high-quality HLDs and LLDs Hands-on experience with on-premises infrastructure, including virtualisation, networking, and storage Experience integrating SentinelOne with SIEM/SOAR solutions Experience deploying to both Windows and RHEL endpoints Eligibility for SC Security Clearance To be considered: Please either apply through this advert or emailing ...