26 to 49 of 49 SOAR Jobs in the UK

Implement identity access control measures and DLP controls Respond to Tier 3 security incidents Monitor threat intelligence Participate in pentests Engineer Microsoft Sentinel detections & SOAR playbooks Cyber Security Engineer: Technical Experience Microsoft Security: Defender of Endpoint, Identity, Cloud Apps, Office 365 Azure AD Microsoft Purview Cloud & Endpoint Security Azure Sentinel ...

troubleshooting issues, and ensuring reliable performance across both Linux and Windows platforms. Alongside core system administration duties, you'll support security tooling (SIEM and SOAR), ensuring systems are correctly configured to collect, process, and deliver accurate data. You'll also help onboard new systems and data sources, ensuring they integrate ...

Engineer - SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100, Our leading global law firm client are currently looking to take on a new SOC Engineer (SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100) to join their team on a contractual … working solution 2-3 days per week in London and offer a great deal of autonomy and technical exposure. This SOC Engineer (SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100) role, will be responsible for the enhancement of existing SIEM platform and improve performance, coverage ...

Engineer (SIEM & SOAR) Location: London (Onsite – 5 days per week) Salary: £65,000 base + package NOTE: Candidates for this opportunity must be eligible for UK Security Clearance. We are seeking a skilled SOC Engineer with a strong focus on SIEM and SOAR technologies to join a high-performing security … stable, scalable, and effectively supporting detection engineering, automation, and incident response functions across the SOC. Key Responsibilities Configure, maintain, and optimise SIEM and SOAR platforms, specifically Splunk ES and Splunk SOAR Design and implement integrations between SIEM/SOAR and wider security tooling (EDR, vulnerability management, IAM, etc.) Develop, enhance ...

Advanced knowledge of SIEM operations, detection engineering, and RBA Experience with large-scale data ingestion, enrichment, and pipeline design Familiarity with automation tools, SOAR, Terraform/Ansible, and CI/CD Excellent communication, stakeholder management, and problem-solving skills This is a great opportunity to play a key role ...

insurance, medical cover) Are you an experienced Splunk SME looking for a new challenge? Do you have a strong background in Splunk, IAM and SOAR with a high-level understanding of wider Splunk ecosystem, along with Incident Management, Python and Powershell skills? Here at ARM, we are recruiting … This includes designing and implementing detection use cases, tuning alerts, and developing dashboards that provide clear, actionable insights for security operations teams. Experience with SOAR and UEBA technologies is advantageous but not essential. This role suits someone who enjoys working in a client-facing environment, solving complex challenges, and contributing ...

investigative techniques Review and improve alert fidelity, detection coverage, and response effectiveness Provide technical oversight for tooling such as SIEM, EDR/XDR, NDR, SOAR, and cloud-native security platforms Detection Engineering & Improvement Collaborate with detection engineers to convert hunt findings into new or improved detections Identify visibility gaps and … detail Excellent written and verbal communication skills Ability to translate technical findings into business and risk context Desirable Skills Experience with detection engineering or SOAR automation Purple team or red team collaboration experience Forensic analysis experience (memory, disk, network) Exposure to regulatory environments (e.g. ISO 27001, NIST, GDPR) Apply ...

excellent interpersonal and communication skills. Any experience of working in/around Security Operation Centres, using and/or managing SIEM/EDR/SOAR platforms, a good understanding of cloud platforms, and a basic ability to script would all be advantageous. Certification - Advantageous but not essential General security (CREST ...

Operations team and primary relationship with any outsourced SOC solution ensuring 24/7 monitoring and response coverage. Oversee cyber defence capabilities including SIEM, SOAR, EDR/XDR, threat intelligence, and identity protection. Develop and maintain operational procedures, playbooks, and response frameworks. Direct the full incident response lifecycle: detection, triage … governance and compliance teams. Ensure the design, tuning, and optimisation of detection rules, alerts, and correlation logic across security platforms. Drive automation initiatives using SOAR to improve response speed and reduce operational workload. Maintain robust coverage across cloud, on premise, network, and endpoint environments. Build capability through training, certifications, and ...

quality visibility and alerting. Deliver effective incident response leadership, including major incident coordination and recovery. Establish and continuously improve detection use cases and automation (SOAR/playbooks). Embed threat in. Align SOC activity to organisational risk and vulnerability prioritisation. Act as key interface with national cyber services and internal ...

quality visibility and alerting. Deliver effective incident response leadership, including major incident coordination and recovery. Establish and continuously improve detection use cases and automation (SOAR/playbooks). Embed threat in. Align SOC activity to organisational risk and vulnerability prioritisation. Act as key interface with national cyber services and internal ...

detection efficacy, reducing false positives, and ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules … content in complex environments Strong documentation and stakeholder communication skills Desirable Relevant certifications such as Splunk Enterprise Security, GIAC GCDA, or similar Experience with SOAR platforms and automation workflows Background in threat hunting or incident response If you are a detection-focused cyber security professional who thrives on building high ...

detection efficacy, reducing false positives, and ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules … content in complex environments Strong documentation and stakeholder communication skills Desirable Relevant certifications such as Splunk Enterprise Security, GIAC GCDA, or similar Experience with SOAR platforms and automation workflows Background in threat hunting or incident response If you are a detection-focused cyber security professional who thrives on building high ...

including: Firewall configuration and troubleshooting Panorama (policy management and operational tasks) Hands-on SIEM experience operating production environments (not oversight-only). Hands-on SOAR experience , preferably Palo Alto XSOAR, with custom playbook development. Proven ability to independently troubleshoot complex security issues across firewall, network, SOC, and cloud environments. ...

complex or high-severity incidents across client environments Develop and optimise detection rules, playbooks, and automation Improve SOC tooling (SIEM, EDR/XDR, SOAR) and operational processes Design and maintain advanced detection use cases and correlation logic Client Engagement & Consulting Act as a trusted advisor to clients, supporting security reviews … senior/lead SOC role Strong hands-on experience with: SIEM (e.g. Microsoft Sentinel, CrowdStrike) EDR/XDR (e.g. CrowdStrike, Microsoft Defender, Carbon Black) SOAR and threat intelligence platforms Proven expertise in threat hunting and incident response Experience developing and tuning detection rules in multi-tenant environments Strong automation skills ...

complex or high-severity incidents across client environments Develop and optimise detection rules, playbooks, and automation Improve SOC tooling (SIEM, EDR/XDR, SOAR) and operational processes Design and maintain advanced detection use cases and correlation logic Client Engagement & Consulting Act as a trusted advisor to clients, supporting security reviews … senior/lead SOC role Strong hands-on experience with: SIEM (e.g. Microsoft Sentinel, CrowdStrike) EDR/XDR (e.g. CrowdStrike, Microsoft Defender, Carbon Black) SOAR and threat intelligence platforms Proven expertise in threat hunting and incident response Experience developing and tuning detection rules in multi-tenant environments Strong automation skills ...

detection efficacy, reducing false positives, and ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules … content in complex environments Strong documentation and stakeholder communication skills Desirable Relevant certifications such as Splunk Enterprise Security, GIAC GCDA, or similar Experience with SOAR platforms and automation workflows Background in threat hunting or incident response If you are a detection-focused cyber security professional who thrives on building high ...

Role As our Senior Security Analyst, you will own the evolution of our security posture. Youll be the driving force behind our SIEM/SOAR capabilities and the guardian of our SOC 2 Type II and ISO 27001 standards. Key Responsibilities: Security Operations: Lead monitoring, detection, and incident response … internal and client-facing systems. SIEM/SOAR Ownership: Enhance and automate our Azure Sentinel capabilities. Incident Response: Investigate real-world threats (malware, phishing, cloud misconfigurations) and ensure rapid remediation. Vulnerability Management: Conduct regular assessments, penetration testing, and risk analysis. Compliance & GRC: Maintain SOC 2 Type II accreditation and lead ...

Configure security incident types, response playbooks, task automation, SLAs, notifications, and escalation rules. Integration & Automation Integrate ServiceNow SIR with security tools such as SIEM, SOAR, EDR, vulnerability scanners, and threat intelligence platforms. Enable automated ingestion of security alerts and events from multiple sources into ServiceNow. Develop workflow automations, Flow Designer … within ServiceNow SecOps. Strong understanding of security incident response frameworks (eg NIST, ISO 27035). Experience integrating ServiceNow with security tools such as SIEM, SOAR, or EDR platforms. Solid ServiceNow development skills, including Flow Designer, business rules, UI policies, client scripts, and integrations. Experience with REST APIs and data ingestion ...

Configure security incident types, response playbooks, task automation, SLAs, notifications, and escalation rules. Integration & Automation Integrate ServiceNow SIR with security tools such as SIEM, SOAR, EDR, vulnerability scanners, and threat intelligence platforms. Enable automated ingestion of security alerts and events from multiple sources into ServiceNow. Develop workflow automations, Flow Designer … within ServiceNow SecOps. Strong understanding of security incident response frameworks (eg NIST, ISO 27035). Experience integrating ServiceNow with security tools such as SIEM, SOAR, or EDR platforms. Solid ServiceNow development skills, including Flow Designer, business rules, UI policies, client scripts, and integrations. Experience with REST APIs and data ingestion ...

incident response lifecycle (detection through to recovery and post-incident review) Overseeing threat detection, vulnerability management, and cyber defence capabilities Driving improvements across SIEM, SOAR, EDR/XDR, and security tooling Ensuring robust monitoring, alerting, and response across cloud, network, and endpoint environments Partnering with Infrastructure, Cloud, and Risk teams … risks, and KPIs to senior stakeholders What We're Looking For Proven experience leading a Security Operations or SOC function Strong understanding of SIEM, SOAR, EDR/XDR, IDS/IPS, and security tooling Experience managing incident response and threat management in complex environments Strong knowledge of frameworks such ...

Role Description: This role focuses on supporting and maintaining Red Hat Linux servers, troubleshooting system issues, and assisting with the operation of SIEM and SOAR technologies. It involves monitoring data collection and analysis processes, onboarding data sources, and ensuring that cyber tools receive accurate and consistent information. The position also … and deliver efficient, reliable cybersecurity services. Assisting and Monitoring RedHat Linux Servers. Troubleshooting Linux systems to identify and escalate technical. Assisting & supporting SIEM/SOAR technologies. Monitoring systems for data collection, indexing, and analysis . Please be aware that this is NOT a SOC role. Core Duties: Detecting and diagnosing ...

Security Consultant/Engineer - Fortinet, NSE7, SIEM, SOAR, LAN - £55,000 - £75,000 - NW England Do you want to be one of the Fortinet experts within a Fortinet Expert Partner? Do you want to work on some of the most exciting SecOps projects out there? Do you want … escalation when needed Be able to undergo DBS clearance. NPPV3 - will need to be undertaken post probation. Security Consultant/Engineer - Fortinet, NSE7, SIEM, SOAR, LAN - £55,000 - £75,000 - NW England ...

Security Analyst - CISSP, CISM, CEH, EDR, SIEM, SOAR, IDS/IPS, TCP/IP, Defender Our leading global law firm client are currently looking to take on a new Security Analyst (CISSP, CISM, CEH, EDR, SIEM, SOAR, IDS/IPS, TCP/IP, Defender) to join their team … days per week in London and offer a great deal of autonomy and technical exposure. This Security Analyst (CISSP, CISM, CEH, EDR, SIEM, SOAR, IDS/IPS, TCP/IP, Defender) role, will be responsible for the day to day operations of existing security solutions and uses tools to identify ...