26 to 41 of 41 SOAR Jobs in the UK

with clear RACI and coherent operating model. Govern the security tooling strategy and operating model (build vs. buy vs. MSSP); maximize value from SIEM, SOAR, IAM, PAM, EDR, DLP, DSPM, and CTI platforms. Security Operations & Incident Response Accountable for SOC performance (24×7 detection, response, threat hunting), DFIR, purple-team ...

Implement identity access control measures and DLP controls Respond to Tier 3 security incidents Monitor threat intelligence Participate in pentests Engineer Microsoft Sentinel detections & SOAR playbooks Cyber Security Engineer: Technical Experience Microsoft Security: Defender of Endpoint, Identity, Cloud Apps, Office 365 Azure AD Microsoft Purview Cloud & Endpoint Security Azure Sentinel ...

and optimisation of technologies such as Zscaler, Netskope, Prisma Access, or similar platforms • Oversee integration of Zero Trust solutions with identity providers, SIEM/SOAR tooling, endpoint security, and cloud environments • Conduct architecture reviews, threat modelling exercises, gap assessments, and security strategy workshops • Lead proof-of-concept exercises, vendor evaluations ...

FWaaS) Manage application segmentation, secure connector deployment, and client connector rollouts. Integrate Zero Trust platforms with identity providers, endpoint security tools, and SIEM/SOAR environments. Support the migration of legacy VPN, firewall, and proxy solutions toward cloud-native security architectures. Conduct proof-of-concept exercises, technical evaluations, and architecture ...

Microsoft 365, identity and endpoint ecosystems. - Strong understanding of ITIL based service management and operational governance. - Experience with DMS platforms (desired) - Familiarity with SIEM, SOAR and modern security tooling. Head of IT Infrastructure/Head of IT Platforms In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this ...

controls aligned with the NIST Cyber Security Framework. What you'll be doing: Maintain and optimise SOC PROTECT, DETECT, and RESPOND toolsets, including SIEM, SOAR, and vulnerability scanning tools. Support the development, configuration, and automation of security tooling to enhance threat detection and incident response. Conduct forensic analysis, malware reverse … and continuous process improvement. Maintain knowledge of current cyber threats and emerging trends. What you'll bring: Proven hands-on experience with SIEM and SOAR platforms such as Trend, Elastic, or SolarWinds. Strong understanding of Windows and Linux OS, log collection, and threat detection techniques. Ability to create and modify ...

Microsoft Security Copilot to support cybersecurity tasks including threat hunting, triage, investigations and response, and creating security incident response playbooks. Build and maintain SOAR playbooks integrated with various security platforms (e.g., SIEMs, EDRs, identity platforms) to streamline incident response and automation. Lead automation initiatives to eliminate manual processes, improve … and automated controls. Comfortable writing scripts using languages such as Python, PowerShell, or Bash, and experience with automation platforms such as Azure Logic Apps, SOAR tools (e.g., Microsoft Sentinel, Splunk SOAR, Cortex XSOAR). Experience building and tuning detections using SIEM platforms (e.g., KQL, SPL) and working with security telemetry ...

infrastructure. Familiarity with frameworks such as MITRE ATT&CK. Ability to analyse threats and translate them into detection capability. Nice to have: Experience with SOAR (Logic Apps/Splunk SOAR). Detection-as-code or CI/CD pipeline experience. Scripting in PowerShell, Python or similar. Experience with Git-based ...

Support – Assist with demos, scoping, and proof-of-value activities where required. Core Duties Automation Design & Development Build and maintain workflows across SIEM, EDR, and SOAR platforms Develop reusable scripts, templates, and components Ensure solutions support secure, multi-tenant environments Integration & Response Automation Orchestrate containment, enrichment, and remediation actions Integrate … cloud security, identity, and event-driven automation Strong communication and analytical skills Security clearance (NPPV and/or SC) may be required. Technical Knowledge Security orchestration and automation principles Scripting and integration patterns (APIs, webhooks) SOC detection and response workflows Threat intelligence integration and use case design Cloud and identity ...

engineering, cloud security, incident response, vulnerability management, and security architecture.Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted tooling … Monitor emerging threats and recommend improvements to security posture Technical EnvironmentThe team works across a modern cloud-first stack with exposure to: SIEM/SOAR platforms EDR/XDR tooling AWS cloud environments Identity & Access Management Vulnerability Management Security Automation & Scripting CSPM tooling AI-assisted security operations What ...

engineering, cloud security, incident response, vulnerability management, and security architecture.Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted tooling … Monitor emerging threats and recommend improvements to security posture Technical EnvironmentThe team works across a modern cloud-first stack with exposure to: SIEM/SOAR platforms EDR/XDR tooling AWS cloud environments Identity & Access Management Vulnerability Management Security Automation & Scripting CSPM tooling AI-assisted security operations What ...

detection efficacy, reducing false positives, and ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules … content in complex environments Strong documentation and stakeholder communication skills Desirable Relevant certifications such as Splunk Enterprise Security, GIAC GCDA, or similar Experience with SOAR platforms and automation workflows Background in threat hunting or incident response If you are a detection-focused cyber security professional who thrives on building high ...

operational efficiency Investigate security incidents and drive root cause analysis and remediation Implement and manage tools such as Microsoft Defender, Nessus, and SIEM/SOAR platforms Develop secure cloud templates and baseline configurations Partner with engineering teams to embed secure coding and DevSecOps practices Stay up to date with emerging … environments Deep understanding of Azure security, DevOps, and automation Hands-on experience with EDR/DLP tools (e.g. Microsoft Defender) Experience with SIEM/SOAR platforms Knowledge of frameworks such as ISO 27001, NIST, and CIS Strong troubleshooting and problem-solving skills Ability to manage multiple priorities in a fast ...

remove manual toil across detection, triage, response, and reporting. Integrate security tooling (SIEM, EDR, IAM, cloud, ticketing) into seamless, reliable workflows. Build and maintain SOAR-style playbooks and pipelines for enrichment, containment, and response. Own the deployment, monitoring, and reliability of the automation tools you ship. AI & Agent Development: Build … apprenticeships). Strong scripting and programming skills, particularly in Python, with a track record of building API integrations. Experience building automation workflows using SOAR platforms, CI/CD, or workflow orchestration tools (e.g., n8n, Tines, Zapier). Practical, hands-on experience building with LLMs (APIs, prompt engineering, and ideally agents ...

guidance and updates Tune detection tools and monitoring systems to reduce false positives and improve accuracy Create and maintain SOC playbooks to support automation and response efficiency Document incidents, investigations, and lessons learned Provide technical guidance and support to Tier 1 analysts The SOC operates 24 hours … security operations environment Strong understanding of cyber threats, attack techniques, and defensive strategies Hands-on experience with SIEM, EDR, XDR, or SOAR security platforms Knowledge of networking fundamentals, including protocols and firewall technologies Experience investigating and responding to security incidents Strong analytical and problem-solving skills with excellent attention ...

security space. These include (but are not limited to): E nd-to-end management of EDR solutions at enterprise scale DLP & DSPM Automation/Security Orchestration Automation & Response (SOAR) Scripting (python, PowerShell , bash etc.) Security Information & Event Management (SIEM) content creation, data source on-boarding Strong verbal and written communication ...