26 to 50 of 89 SOAR Jobs in the UK

Proven expertise in Microsoft Sentinel and Office 365 E5 security products. • Strong understanding of Azure services, including Azure AD, Defender for Cloud, and Logic Apps. • Experience with SIEM/SOAR platforms, KQL, and automation workflows. • Familiarity with compliance frameworks: ISO 27001, NIST, PCI-DSS, GDPR. • Excellent communication and stakeholder engagement skills. • Certifications such as SC-100, AZ-500, MS More ❯

practices, application security tooling (SAST/SCA/DAST), cloud security (CSPM/CIEM/CNAPP), and infrastructure hardening. Incident Detection & Response : Strong skills in threat detection, SIEM/SOAR, incident response, and achieving low MTTD/MTTR; experience with purple teaming and tabletop exercises. Network Security : Understanding of routing security principles (BGP/RPKI), network segmentation and DDoS mitigation More ❯

Security Operations working within or alongside Security Operations Centre(s). Experience working in all hyperscaler environments, preferably holding Professional Cloud Architect or equivalent Certification. Experience with multiple SIEM & SOAR Tooling, preferably Google SecOps (formerly Chronicle/Simplify). Strong written, verbal and presentation skills. Excellent communication and interpersonal skills, with the ability to build strong relationships with clients and More ❯

and vulnerability management . Expertise in ServiceNow workflows , scripting , CMDB , Discovery , and system integrations (REST/SOAP, MID Server). Experience integrating ServiceNow with cybersecurity tools (e.g., SIEM, EDR, SOAR). Strong stakeholder management and communication skills. Background supporting critical infrastructure , preferably within the energy or utilities sector . Knowledge of security frameworks and compliance mandates (e.g., NIST, ISO More ❯

and vulnerability management . Expertise in ServiceNow workflows , scripting , CMDB , Discovery , and system integrations (REST/SOAP, MID Server). Experience integrating ServiceNow with cybersecurity tools (e.g., SIEM, EDR, SOAR). Strong stakeholder management and communication skills. Background supporting critical infrastructure , preferably within the energy or utilities sector . Knowledge of security frameworks and compliance mandates (e.g., NIST, ISO More ❯

Security Incident Response (SIR) Vulnerability Response (VR) Threat Intelligence Configuration Compliance Define secure processes and automation across vulnerability management and incident response. Integrate ServiceNow SecOps with cybersecurity platforms (SIEM, SOAR, EDR, CMDB, threat intel, OT/ICS security tools). Establish SecOps roadmap, standards, and best practices across business units. Ensure scalable, secure, reusable architecture aligned with enterprise and ServiceNow More ❯

on virtualized platform , networking, and storage. * Ability to produce HLDs and LLDs with clarity and precision. * Excellent communication and stakeholder engagement skills. * Involved with integrating SentinelOne with SIEM/SOAR platforms (e.g., Splunk) and deployment to Windows and RHEL endpoints. Preferred Qualifications: * SentinelOne certifications (e.g., SentinelOne Certified Architect or equivalent). * Scripting knowledge (e.g., PowerShell, Python) for automation and integration. More ❯

e.g., NIST, SANS) Experience with both network-based and host-based threat detection and analysis Proficiency in writing detection queries (Splunk preferred) and working with SIEM/EDR/SOAR tools At least 5 years of experience in Information Security within the financial services sector Strong analytical and communication skills, with the ability to present complex issues clearly to stakeholders More ❯

Up to £78,500 (DOE) + Bonus Working arrangement: Hybrid Office Location: Portsmouth As a Senior Security Engineer, you will: Design, deploy, and maintain core SOC technologies (SIEM, EDR, SOAR, threat intelligence, and logging infrastructure). Develop and optimise detection use cases, correlation rules, and analytics content. Build and maintain automation workflows and integrations using automation platforms or custom scripting. … and cloud security (Azure, AWS, or M365). Solid understanding of network, system, and identity security fundamentals. Excellent problem-solving skills and a passion for continuous improvement. Experience with SOAR platforms (e.g., Microsoft Sentinel Automation, Cortex XSOAR, Splunk SOAR). Knowledge of MITRE ATT&CK mapping and detection engineering frameworks. Infrastructure-as-Code experience (Terraform, Bicep, or ARM templates). More ❯

level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge More ❯

level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge More ❯

level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge More ❯

strongly preferred). Expertise in IAM technologies (SailPoint, Okta, Azure AD, CyberArk, Ping Identity), DLP platforms (Symantec, Microsoft Purview, Forcepoint, Digital Guardian), and security engineering tools (EDR, CSPM, SIEM, SOAR, vulnerability management). Strong knowledge of Zero Trust, data protection regulations (GDPR, FCA, PRA), cloud-native security, and DevSecOps practices. Exceptional leadership, communication, and stakeholder engagement skills, with the ability More ❯

engineering Solid understanding of TCP/IP, routing, firewalls, VPN, and network segmentation principles. Hands-on experience with security tools such as firewalls (Fortinet, Palo Alto, etc.), SIEM/SOAR, IDS/IPS, EDR, or vulnerability scanners. Familiarity with Linux, scripting (Python, Bash), and infrastructure-as-code concepts. Knowledge of secure configuration standards (e.g., CIS benchmarks) and common protocols (e.g. More ❯

experience leading and managing technical teams. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO/IEC 27001, IAM). Proficiency with cybersecurity tools and platforms (e.g., SIEM, SOAR, SAS, Sandboxes, EDR solutions and cloud technologies). Working of knowledge of access control principles, cloud technologies (CNAPP, CSPM), data retention, and encryption methodologies. Excellent problem-solving, investigative mindset, and More ❯

external security assessments and audits Update and maintain incident response plans, playbooks, and procedures Provide 3rd-line support to IT colleagues and the wider business Technical Skills: SIEM and SOAR platforms Log analytics, rule creation, tuning, and threat hunting Familiarity with security frameworks Azure and M365 security configuration and alert investigation Dashboards and visualisation tools Firewalls (CheckPoint, VMware NSX) Windows More ❯

external security assessments and audits - Update and maintain incident response plans, playbooks, and procedures - Provide 3rd-line support to IT colleagues and the wider business Technical Skills: - SIEM and SOAR platforms - Log analytics, rule creation, tuning, and threat hunting - Familiarity with security frameworks - Azure and M365 security configuration and alert investigation - Dashboards and visualisation tools - Firewalls (CheckPoint, VMware NSX) - Windows More ❯

and external security assessments and audits- Update and maintain incident response plans, playbooks, and procedures- Provide 3rd-line support to IT colleagues and the wider businessTechnical Skills:- SIEM and SOAR platforms- Log analytics, rule creation, tuning, and threat hunting- Familiarity with security frameworks- Azure and M365 security configuration and alert investigation- Dashboards and visualisation tools- Firewalls (CheckPoint, VMware NSX)- Windows More ❯

currently embarking a programme of work focused on maturity/designing and implementing security posture utilising SIEM tools such as Google Chronicle & implementing UEBA/SOAR (Security Orchestration, Automation, and Response/User and Entity Behaviour Analytics) built on GCP/Google Cloud so Google SecOps/Security Operations experience is highly desirable. Key Responsibilities; - Enable and validate UEBA alerting … and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs - BindPlane - MITRE ATT&CK - Strong SOC background … SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

Skills: Proven hands-on experience in SIEM engineering. Strong understanding of security logs across domains (identity, network, system, data, cloud). Proficient in PowerShell and Python. Good knowledge of SOAR platforms. Leadership and stakeholder management skills More ❯

understanding of Windows, Linux, and network security principles Experience with forensic or threat analysis techniques Familiarity with MITRE ATT&CK, NIST, or similar frameworks Desirable Exposure to automation or SOAR tooling PowerShell or Python scripting skills GIAC or Microsoft security certifications This is an opportunity to join a highly respected security function within the London Market, working closely with senior … understanding of Windows, Linux, and network security principles * Experience with forensic or threat analysis techniques * Familiarity with MITRE ATT&CK, NIST, or similar frameworks Desirable * Exposure to automation or SOAR tooling * PowerShell or Python scripting skills * GIAC or Microsoft security certifications This is an opportunity to join a highly respected security function within the London Market, working closely with senior More ❯

on virtualized platform , networking, and storage. • Ability to produce HLDs and LLDs with clarity and precision. • Excellent communication and stakeholder engagement skills. • Involved with integrating SentinelOne with SIEM/SOAR platforms (e.g., Splunk) and deployment to Windows and RHEL endpoints. Preferred Qualifications: • SentinelOne certifications (e.g., SentinelOne Certified Architect or equivalent). • Scripting knowledge (e.g., PowerShell, Python) for automation and integration. More ❯

Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would … security alerts and incidents in Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU More ❯

Active eDV REQUIRED Key Responsibilities Lead the design, configuration, and delivery of SIEM, SOAR, and XDR platforms (e.g., Microsoft Sentinel, IBM QRadar, CrowdStrike Falcon). Architect and deploy cloud security solutions across Azure and AWS environments. Manage and optimise vulnerability management tools (e.g., Tenable.SC, Rapid7, Qualys). Support the development and operation of Cyber Security Operations Centres (CSOCs) . Conduct … functional teams to resolve security issues. Essential Skills & Experience Proven experience (10+ years) in Cyber Security Engineering, Architecture, or Operations . Strong background in Microsoft Security Stack (Sentinel, Defender, SOAR). Hands-on experience with CrowdStrike XDR , Tenable , Rapid7 , Qualys , and ForcePoint . Deep understanding of Cisco, Check Point, and Juniper network security. Expertise in cloud security (Azure & AWS) . More ❯

Active eDV REQUIRED Key Responsibilities Lead the design, configuration, and delivery of SIEM, SOAR, and XDR platforms (e.g., Microsoft Sentinel, IBM QRadar, CrowdStrike Falcon). Architect and deploy cloud security solutions across Azure and AWS environments. Manage and optimise vulnerability management tools (e.g., Tenable.SC, Rapid7, Qualys). Support the development and operation of Cyber Security Operations Centres (CSOCs) . Conduct … functional teams to resolve security issues. Essential Skills & Experience Proven experience (10+ years) in Cyber Security Engineering, Architecture, or Operations . Strong background in Microsoft Security Stack (Sentinel, Defender, SOAR). Hands-on experience with CrowdStrike XDR , Tenable , Rapid7 , Qualys , and ForcePoint . Deep understanding of Cisco, Check Point, and Juniper network security. Expertise in cloud security (Azure & AWS) . More ❯