26 to 50 of 58 SOAR Jobs in the UK

levels of cyber investment including governance, tooling and staffing within the CSOC Essential skills & experience Proven experience managing Security Event Monitoring operations — SIEM/SOAR, antivirus, network and host IDS/IPS Strong working knowledge of NCSC incident response processes, GDPR, NIS regulations and MITRE ATT&CK Experience in threat ...

levels of cyber investment including governance, tooling and staffing within the CSOC Essential skills & experience Proven experience managing Security Event Monitoring operations — SIEM/SOAR, antivirus, network and host IDS/IPS Strong working knowledge of NCSC incident response processes, GDPR, NIS regulations and MITRE ATT&CK Experience in threat ...

content lifecycle: design, test, deploy, monitor, tune and retire, using version control and rollback processes. Automate workflows and platform configurations using CI/CD, SOAR, scripting and Infrastructure as Code tools such as Terraform and Ansible. Ensure platform performance, stability and resilience through capacity planning, high availability, disaster recovery and ...

remediation, validating fixes, and assisting with reporting. Develop and maintain playbooks, runbooks, and procedural documentation. Required Skills: Microsoft Defender XDR Microsoft Sentinel (SIEM/SOAR) Privacy Management Solutions (e.g. Purview, OneTrust) Understanding of key cybersecurity and privacy concepts, such as Threat detection and analysis, Incident response lifecycle, Vulnerability and exposure ...

CISM, AWS Security Specialty or ISO 27001 Lead Implementer. Experience with WAF and bot management in a production e-commerce context. Familiarity with SIEM, SOAR or security automation tooling. Exposure to ISO 27001 implementation or SOC 2 readiness programmes. Experience with multi-cloud security across Azure and GCP. Background ...

managing and operating FortiGate firewalls ·Proven experience with Active Directory/Azure AD, including patch and group policy management ·Cloud native SIEM, SOCs and SOAR ·Windows Server, Windows 11, and Microsoft Application Suite ·Experience with adoption of Infrastructure-as-Code (IaC) utilising technologies such as Terraform and Ansible. ·Mobile Device ...

follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve as an escalation ...

follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve as an escalation ...

across multiple environments Create, tune, and improve detection rules and use cases to identify threats quickly Support incident triage, investigations, and response activities Build SOAR-style workflows to improve response speed, consistency, and efficiency Cloud Security Implement and enhance security controls across AWS and Azure environments Review cloud configurations … Experience with SIEM platforms such as Microsoft Sentinel, Elastic, Splunk, or similar Strong knowledge of detection engineering, alert tuning, and log management Experience with SOAR or security automation tooling Scripting skills in Python and/or PowerShell Experience with EDR, endpoint security, and identity controls Good knowledge of networking, firewalls ...

technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR" workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training . Build up the Crowdstrike ...

troubleshooting issues, and ensuring reliable performance across both Linux and Windows platforms. Alongside core system administration duties, you'll support security tooling (SIEM and SOAR), ensuring systems are correctly configured to collect, process, and deliver accurate data. You'll also help onboard new systems and data sources, ensuring they integrate ...

Description SOC Engineer - SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100, Our leading global law firm client are currently looking to take on a new SOC Engineer (SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100) to join their team … working solution 2-3 days per week in London and offer a great deal of autonomy and technical exposure. This SOC Engineer (SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100) role, will be responsible for the enhancement of existing SIEM platform and improve performance, coverage ...

Engineer - SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100, Our leading global law firm client are currently looking to take on a new SOC Engineer (SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100) to join their team on a contractual … working solution 2-3 days per week in London and offer a great deal of autonomy and technical exposure. This SOC Engineer (SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100) role, will be responsible for the enhancement of existing SIEM platform and improve performance, coverage ...

Advanced knowledge of SIEM operations, detection engineering, and RBA Experience with large-scale data ingestion, enrichment, and pipeline design Familiarity with automation tools, SOAR, Terraform/Ansible, and CI/CD Excellent communication, stakeholder management, and problem-solving skills This is a great opportunity to play a key role ...

insurance, medical cover) Are you an experienced Splunk SME looking for a new challenge? Do you have a strong background in Splunk, IAM and SOAR with a high-level understanding of wider Splunk ecosystem, along with Incident Management, Python and Powershell skills? Here at ARM, we are recruiting … This includes designing and implementing detection use cases, tuning alerts, and developing dashboards that provide clear, actionable insights for security operations teams. Experience with SOAR and UEBA technologies is advantageous but not essential. This role suits someone who enjoys working in a client-facing environment, solving complex challenges, and contributing ...

insurance, medical cover) Are you an experienced Splunk SME looking for a new challenge? Do you have a strong background in Splunk, IAM and SOAR with a high-level understanding of wider Splunk ecosystem, along with Incident Management, Python and Powershell skills? Here at ARM, we are recruiting … This includes designing and implementing detection use cases, tuning alerts, and developing dashboards that provide clear, actionable insights for security operations teams. Experience with SOAR and UEBA technologies is advantageous but not essential. This role suits someone who enjoys working in a client-facing environment, solving complex challenges, and contributing ...

investigative techniques Review and improve alert fidelity, detection coverage, and response effectiveness Provide technical oversight for tooling such as SIEM, EDR/XDR, NDR, SOAR, and cloud-native security platforms Detection Engineering & Improvement Collaborate with detection engineers to convert hunt findings into new or improved detections Identify visibility gaps and … detail Excellent written and verbal communication skills Ability to translate technical findings into business and risk context Desirable Skills Experience with detection engineering or SOAR automation Purple team or red team collaboration experience Forensic analysis experience (memory, disk, network) Exposure to regulatory environments (e.g. ISO 27001, NIST, GDPR) Apply ...

excellent interpersonal and communication skills. Any experience of working in/around Security Operation Centres, using and/or managing SIEM/EDR/SOAR platforms, a good understanding of cloud platforms, and a basic ability to script would all be advantageous. Certification - Advantageous but not essential General security (CREST ...

Operations team and primary relationship with any outsourced SOC solution ensuring 24/7 monitoring and response coverage. Oversee cyber defence capabilities including SIEM, SOAR, EDR/XDR, threat intelligence, and identity protection. Develop and maintain operational procedures, playbooks, and response frameworks. Direct the full incident response lifecycle: detection, triage … governance and compliance teams. Ensure the design, tuning, and optimisation of detection rules, alerts, and correlation logic across security platforms. Drive automation initiatives using SOAR to improve response speed and reduce operational workload. Maintain robust coverage across cloud, on premise, network, and endpoint environments. Build capability through training, certifications, and ...

detection efficacy, reducing false positives, and ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules … content in complex environments Strong documentation and stakeholder communication skills Desirable Relevant certifications such as Splunk Enterprise Security, GIAC GCDA, or similar Experience with SOAR platforms and automation workflows Background in threat hunting or incident response If you are a detection-focused cyber security professional who thrives on building high ...

detection efficacy, reducing false positives, and ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules … content in complex environments Strong documentation and stakeholder communication skills Desirable Relevant certifications such as Splunk Enterprise Security, GIAC GCDA, or similar Experience with SOAR platforms and automation workflows Background in threat hunting or incident response If you are a detection-focused cyber security professional who thrives on building high ...

during live security incidents Develop and maintain SOC playbooks and automation workflows Analyse firewall alerts and support configuration troubleshooting Tune SIEM, EDR, XDR, and SOAR tools to reduce false positives Maintain detailed incident documentation and lessons learned Provide mentoring and technical guidance to Tier 1 analysts Skills & Experience Required Proven … security operations environment Strong understanding of cyber threats, attack techniques, and defensive controls Hands-on experience with SIEM, EDR, XDR, and SOAR platforms Solid networking knowledge (TCP/IP, firewalls, common protocols) Strong analytical and problem-solving skills Excellent written and verbal communication skills Ability to manage multiple incidents effectively ...

complex or high-severity incidents across client environments Develop and optimise detection rules, playbooks, and automation Improve SOC tooling (SIEM, EDR/XDR, SOAR) and operational processes Design and maintain advanced detection use cases and correlation logic Client Engagement & Consulting Act as a trusted advisor to clients, supporting security reviews … senior/lead SOC role Strong hands-on experience with: SIEM (e.g. Microsoft Sentinel, CrowdStrike) EDR/XDR (e.g. CrowdStrike, Microsoft Defender, Carbon Black) SOAR and threat intelligence platforms Proven expertise in threat hunting and incident response Experience developing and tuning detection rules in multi-tenant environments Strong automation skills ...

complex or high-severity incidents across client environments Develop and optimise detection rules, playbooks, and automation Improve SOC tooling (SIEM, EDR/XDR, SOAR) and operational processes Design and maintain advanced detection use cases and correlation logic Client Engagement & Consulting Act as a trusted advisor to clients, supporting security reviews … senior/lead SOC role Strong hands-on experience with: SIEM (e.g. Microsoft Sentinel, CrowdStrike) EDR/XDR (e.g. CrowdStrike, Microsoft Defender, Carbon Black) SOAR and threat intelligence platforms Proven expertise in threat hunting and incident response Experience developing and tuning detection rules in multi-tenant environments Strong automation skills ...

Configure security incident types, response playbooks, task automation, SLAs, notifications, and escalation rules. Integration & Automation Integrate ServiceNow SIR with security tools such as SIEM, SOAR, EDR, vulnerability scanners, and threat intelligence platforms. Enable automated ingestion of security alerts and events from multiple sources into ServiceNow. Develop workflow automations, Flow Designer … within ServiceNow SecOps. Strong understanding of security incident response frameworks (e.g. NIST, ISO 27035). Experience integrating ServiceNow with security tools such as SIEM, SOAR, or EDR platforms. Solid ServiceNow development skills, including Flow Designer, business rules, UI policies, client scripts, and integrations. Experience with REST APIs and data ingestion ...