SOAR Jobs in the UK

26 to 50 of 80 SOAR Jobs in the UK

Senior Security Engineer

Portsmouth, Hampshire, England, United Kingdom
Computappoint
Up to £78,500 (DOE) + Bonus Working arrangement: Hybrid Office Location: Portsmouth As a Senior Security Engineer, you will: Design, deploy, and maintain core SOC technologies (SIEM, EDR, SOAR, threat intelligence, and logging infrastructure). Develop and optimise detection use cases, correlation rules, and analytics content. Build and maintain automation workflows and integrations using automation platforms or custom scripting. … and cloud security (Azure, AWS, or M365). Solid understanding of network, system, and identity security fundamentals. Excellent problem-solving skills and a passion for continuous improvement. Experience with SOAR platforms (e.g., Microsoft Sentinel Automation, Cortex XSOAR, Splunk SOAR). Knowledge of MITRE ATT&CK mapping and detection engineering frameworks. Infrastructure-as-Code experience (Terraform, Bicep, or ARM templates). More ❯
Employment Type: Full-Time
Salary: £71,250 - £78,500 per annum

Senior Director of Cyber Security

London, South East, England, United Kingdom
WTW
strongly preferred). Expertise in IAM technologies (SailPoint, Okta, Azure AD, CyberArk, Ping Identity), DLP platforms (Symantec, Microsoft Purview, Forcepoint, Digital Guardian), and security engineering tools (EDR, CSPM, SIEM, SOAR, vulnerability management). Strong knowledge of Zero Trust, data protection regulations (GDPR, FCA, PRA), cloud-native security, and DevSecOps practices. Exceptional leadership, communication, and stakeholder engagement skills, with the ability More ❯
Employment Type: Full-Time
Salary: Competitive salary

Senior Director of Cyber Security

England, United Kingdom
Willis Towers Watson
strongly preferred). Expertise in IAM technologies (SailPoint, Okta, Azure AD, CyberArk, Ping Identity), DLP platforms (Symantec, Microsoft Purview, Forcepoint, Digital Guardian), and security engineering tools (EDR, CSPM, SIEM, SOAR, vulnerability management). Strong knowledge of Zero Trust, data protection regulations (GDPR, FCA, PRA), cloud-native security, and DevSecOps practices. Exceptional leadership, communication, and stakeholder engagement skills, with the ability More ❯
Employment Type: Permanent
Salary: GBP Annual

Security Analyst

Greater Cardiff Area, United Kingdom
CPS Group (UK) Limited
external security assessments and audits Update and maintain incident response plans, playbooks, and procedures Provide 3rd-line support to IT colleagues and the wider business Technical Skills: SIEM and SOAR platforms Log analytics, rule creation, tuning, and threat hunting Familiarity with security frameworks Azure and M365 security configuration and alert investigation Dashboards and visualisation tools Firewalls (CheckPoint, VMware NSX) Windows More ❯

Security Analyst (GRC)

City, Cardiff, United Kingdom
CPS Group (UK) Limited
external security assessments and audits - Update and maintain incident response plans, playbooks, and procedures - Provide 3rd-line support to IT colleagues and the wider business Technical Skills: - SIEM and SOAR platforms - Log analytics, rule creation, tuning, and threat hunting - Familiarity with security frameworks - Azure and M365 security configuration and alert investigation - Dashboards and visualisation tools - Firewalls (CheckPoint, VMware NSX) - Windows More ❯
Employment Type: Permanent
Salary: GBP 40,000 - 45,000 Annual

Security Analyst GRC

Cardiff, South Glamorgan, Wales, United Kingdom
CPS Group
and external security assessments and audits - Update and maintain incident response plans, playbooks, and procedures - Provide 3rd-line support to IT colleagues and the wider business Technical Skills: - SIEM and SOAR platforms - Log analytics, rule creation, tuning, and threat hunting - Familiarity with security frameworks - Azure and M365 security configuration and alert investigation - Dashboards and visualisation tools - Firewalls (CheckPoint, VMware NSX) - Windows More ❯
Employment Type: Full-Time
Salary: £40,000 - £45,000 per annum

SentinelOne Architect / SME

England, United Kingdom
Whitehall Resources
on virtualized platform, networking, and storage. • Ability to produce HLDs and LLDs with clarity and precision. • Excellent communication and stakeholder engagement skills. • Involved with integrating SentinelOne with SIEM/SOAR platforms (e.g., Splunk) and deployment to Windows and RHEL endpoints. Preferred Qualifications: • SentinelOne certifications (e.g., SentinelOne Certified Architect or equivalent). • Scripting knowledge (e.g., PowerShell, Python) for automation and integration. More ❯

Vice President, Incident Respond Lead

England, United Kingdom
MUFG Bank, Ltd
e.g., NIST, SANS) Experience with both network-based and host-based threat detection and analysis Proficiency in writing detection queries (Splunk preferred) and working with SIEM/EDR/SOAR tools At least 5 years of experience in Information Security within the financial services sector Strong analytical and communication skills, with the ability to present complex issues clearly to stakeholders More ❯
Employment Type: Permanent
Salary: GBP Annual

Information Security Architect - Solutions & Enterprise Security Architecture

Manchester, England, United Kingdom
Hybrid/Remote Options
Acumin
level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge More ❯

Information Security Architect - Solutions & Enterprise Security Architecture

London Area, United Kingdom
Hybrid/Remote Options
Acumin
level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge More ❯

Information Security Architect - Solutions & Enterprise Security Architecture

City of London, London, United Kingdom
Hybrid/Remote Options
Acumin
level security architectures in hybrid and cloud (AWS/Azure) environments. Strong hands-on expertise with enterprise security platforms – including Endpoint Protection, Cloud Security, Network Security, DevSecOps, SIEM/SOAR, and vulnerability management. Deep understanding of secure design principles, IAM, encryption, API security, and application security. Experience performing threat modelling, security risk assessments, and control design validation. In-depth knowledge More ❯

Security Information & Event Monitoring (SIEM) Engineer- SC-Must, Readings UK

Reading, Berkshire, England, United Kingdom
KBC Technologies UK LTD
Skills: Proven hands-on experience in SIEM engineering. Strong understanding of security logs across domains (identity, network, system, data, cloud). Proficient in PowerShell and Python. Good knowledge of SOAR platforms. Leadership and stakeholder management skills More ❯
Employment Type: Contractor
Rate: Salary negotiable

IT Security Operations Manager

City of London, London, United Kingdom
ARC IT Recruitment
as CISSP, TOGAF, CCSP, GCIH or equivalent Strong experience securing Microsoft cloud environments (Azure) – design, deployment, configuration and management Broad knowledge of infrastructure and security solutions, including SIEM/SOAR Proven track record designing end-to-end solutions with security embedded across network, infrastructure, access, cloud services, controls and SecOps Experience addressing cloud-specific security challenges, patterns and controls Demonstrated More ❯

IT Security Operations Manager

London, United Kingdom
ARC IT Recruitment Ltd
as CISSP, TOGAF, CCSP, GCIH or equivalent Strong experience securing Microsoft cloud environments (Azure) - design, deployment, configuration and management Broad knowledge of infrastructure and security solutions, including SIEM/SOAR Proven track record designing end-to-end solutions with security embedded across network, infrastructure, access, cloud services, controls and SecOps Experience addressing cloud-specific security challenges, patterns and controls Demonstrated More ❯
Employment Type: Permanent

IT Security Operations Manager

London, South East, England, United Kingdom
Arc IT Recruitment
as CISSP, TOGAF, CCSP, GCIH or equivalent Strong experience securing Microsoft cloud environments (Azure) - design, deployment, configuration and management Broad knowledge of infrastructure and security solutions, including SIEM/SOAR Proven track record designing end-to-end solutions with security embedded across network, infrastructure, access, cloud services, controls and SecOps Experience addressing cloud-specific security challenges, patterns and controls Demonstrated More ❯
Employment Type: Full-Time
Salary: Salary negotiable

Elastic Platform Engineer

London, South East England, United Kingdom
G-Research
the following skills and experience: Significant experience administering and scaling Elastic SIEM (Elastic Security, Elastic Stack) in enterprise environments Expertise with automation and orchestration tools, such as Tines and SOAR platforms Familiarity with Bash, Python or equivalent languages Strong knowledge of Linux systems, networking and cloud logging architectures Proven ability to manage upgrades, migrations and high-availability deployments Experience in More ❯

Security Engineer

London Area, United Kingdom
Oliver Bernard
Security Orchestration, Automation & Response (SOAR) Engineer | Palo Alto Cortex XSOAR, Python, Rest API's, Linux & Windows | Up to £1000 Inside | 2 Days p/week in London We are seeking an experienced Security Orchestration, Automation & Response (SOAR) Engineer to strengthen cyber threat detection and automation capabilities within a leading financial organisation. This role combines hands-on technical expertise with strategic … to design, build, and optimise security workflows — enabling faster, more effective incident response and reducing manual effort through automation. Key Responsibilities: Develop and enhance security detections and automations across SOAR platforms (ideally Palo Alto Cortex XSOAR) Create and maintain playbooks and integrations to improve incident response and operational efficiency Collaborate across teams to improve detection coverage and response workflows Monitor … query languages (KQL or similar) Understanding of REST APIs and ability to develop and consume them Experience working in Azure environments Strong background in Windows, Linux, and macOS administration Security Orchestration, Automation & Response (SOAR) Engineer | Palo Alto Cortex XSOAR, Python, Rest API's, Linux & Windows | Up to £1000 Inside | 2 Days p/week in London More ❯

Security Engineer

City of London, London, United Kingdom
Oliver Bernard
Security Orchestration, Automation & Response (SOAR) Engineer | Palo Alto Cortex XSOAR, Python, Rest API's, Linux & Windows | Up to £1000 Inside | 2 Days p/week in London We are seeking an experienced Security Orchestration, Automation & Response (SOAR) Engineer to strengthen cyber threat detection and automation capabilities within a leading financial organisation. This role combines hands-on technical expertise with strategic … to design, build, and optimise security workflows — enabling faster, more effective incident response and reducing manual effort through automation. Key Responsibilities: Develop and enhance security detections and automations across SOAR platforms (ideally Palo Alto Cortex XSOAR) Create and maintain playbooks and integrations to improve incident response and operational efficiency Collaborate across teams to improve detection coverage and response workflows Monitor … query languages (KQL or similar) Understanding of REST APIs and ability to develop and consume them Experience working in Azure environments Strong background in Windows, Linux, and macOS administration Security Orchestration, Automation & Response (SOAR) Engineer | Palo Alto Cortex XSOAR, Python, Rest API's, Linux & Windows | Up to £1000 Inside | 2 Days p/week in London More ❯

Security Analyst

Buckinghamshire, United Kingdom
VIQU IT
Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting. Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft's security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would … security alerts and incidents in Microsoft Sentinel and Microsoft Defender. Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU More ❯
Employment Type: Contract
Rate: GBP 400 - 500 Daily

Security Analyst

Milton Keynes, Loughton, Buckinghamshire, United Kingdom
VIQU IT
Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting. Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would … security alerts and incidents in Microsoft Sentinel and Microsoft Defender. Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU More ❯
Employment Type: Contract
Rate: £400 - £500/day

Security Analyst

Milton Keynes, Buckinghamshire, South East, United Kingdom
VIQU IT Recruitment
Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting. Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft's security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would … security alerts and incidents in Microsoft Sentinel and Microsoft Defender. Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU More ❯
Employment Type: Contract
Rate: £400 - 500 per day

Security Operations Lead (Contract) – Financial Services

City of London, London, United Kingdom
Alexander Ash Consulting
this role if you are/have: 10+ years hands-on experience in cyber security operations and/or engineering Experience setting up security operations centres including SIEM and SOAR Strong understanding of end-to-end security incident management and response Threat intelligence digital forensics and SOC automation experience Degree educated or higher from a leading academic institution More ❯

Security Operations Lead (Contract) – Financial Services

London Area, United Kingdom
Alexander Ash Consulting
this role if you are/have: 10+ years hands-on experience in cyber security operations and/or engineering Experience setting up security operations centres including SIEM and SOAR Strong understanding of end-to-end security incident management and response Threat intelligence digital forensics and SOC automation experience Degree educated or higher from a leading academic institution More ❯

Cyber Security Technology Product Owner

London, United Kingdom
Salt
etc. a plus. Nice to Have Cloud certifications (Azure, AWS, GCP) Experience working in regulated environments (e.g., finance, government) SAFe Agile or Scrum certifications Prior experience with SIEM/SOAR integration, API security, or Identity Governance Why Join Us Play a key role in shaping enterprise-wide secure access architecture Work with a forward-thinking, cross-functional security team Be More ❯
Employment Type: Temporary
Salary: £600 - £800 per day

Cyber Security Technology Product Owner

London, South East, England, United Kingdom
Salt Search
etc. a plus. Nice to Have Cloud certifications (Azure, AWS, GCP) Experience working in regulated environments (e.g., finance, government) SAFe Agile or Scrum certifications Prior experience with SIEM/SOAR integration, API security, or Identity Governance Why Join Us Play a key role in shaping enterprise-wide secure access architecture Work with a forward-thinking, cross-functional security team Be More ❯
Employment Type: Temporary
Salary: £600 - £800 per day
SOAR
10th Percentile: £51,095
25th Percentile: £61,250
Median: £78,500
75th Percentile: £89,688
90th Percentile: £96,750