26 to 50 of 54 SOAR Jobs in the UK

content lifecycle: design, test, deploy, monitor, tune and retire, using version control and rollback processes. Automate workflows and platform configurations using CI/CD, SOAR, scripting and Infrastructure as Code tools such as Terraform and Ansible. Ensure platform performance, stability and resilience through capacity planning, high availability, disaster recovery and ...

remediation, validating fixes, and assisting with reporting. Develop and maintain playbooks, runbooks, and procedural documentation. Required Skills: Microsoft Defender XDR Microsoft Sentinel (SIEM/SOAR) Privacy Management Solutions (e.g. Purview, OneTrust) Understanding of key cybersecurity and privacy concepts, such as Threat detection and analysis, Incident response lifecycle, Vulnerability and exposure ...

CISM, AWS Security Specialty or ISO 27001 Lead Implementer. Experience with WAF and bot management in a production e-commerce context. Familiarity with SIEM, SOAR or security automation tooling. Exposure to ISO 27001 implementation or SOC 2 readiness programmes. Experience with multi-cloud security across Azure and GCP. Background ...

managing and operating FortiGate firewalls ·Proven experience with Active Directory/Azure AD, including patch and group policy management ·Cloud native SIEM, SOCs and SOAR ·Windows Server, Windows 11, and Microsoft Application Suite ·Experience with adoption of Infrastructure-as-Code (IaC) utilising technologies such as Terraform and Ansible. ·Mobile Device ...

follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve as an escalation ...

follows and complies with IT and Information Security policies and regulatory standards. Help configure and keep current the integration of IAM technologies with SIEM, SOAR, Service Desk and other tools. Work closely with relevant vendors to ensure optimised use of the supplied technologies and professional services. Serve as an escalation ...

across multiple environments Create, tune, and improve detection rules and use cases to identify threats quickly Support incident triage, investigations, and response activities Build SOAR-style workflows to improve response speed, consistency, and efficiency Cloud Security Implement and enhance security controls across AWS and Azure environments Review cloud configurations … Experience with SIEM platforms such as Microsoft Sentinel, Elastic, Splunk, or similar Strong knowledge of detection engineering, alert tuning, and log management Experience with SOAR or security automation tooling Scripting skills in Python and/or PowerShell Experience with EDR, endpoint security, and identity controls Good knowledge of networking, firewalls ...

technical escalation point for high-priority security incidents, utilizing EDR and SIEM tools for rapid containment. Automation: Develop "SOAR" workflows (Security Orchestration, Automation, and Response) to reduce manual intervention and improve response times. Threat Hunting: Proactively search for undetected malicious activity using specialized queries. Training . Build up the Crowdstrike ...

Implement identity access control measures and DLP controls Respond to Tier 3 security incidents Monitor threat intelligence Participate in pentests Engineer Microsoft Sentinel detections & SOAR playbooks Cyber Security Engineer: Technical Experience Microsoft Security: Defender of Endpoint, Identity, Cloud Apps, Office 365 Azure AD Microsoft Purview Cloud & Endpoint Security Azure Sentinel ...

troubleshooting issues, and ensuring reliable performance across both Linux and Windows platforms. Alongside core system administration duties, you'll support security tooling (SIEM and SOAR), ensuring systems are correctly configured to collect, process, and deliver accurate data. You'll also help onboard new systems and data sources, ensuring they integrate ...

Engineer - SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100, Our leading global law firm client are currently looking to take on a new SOC Engineer (SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100) to join their team on a contractual … working solution 2-3 days per week in London and offer a great deal of autonomy and technical exposure. This SOC Engineer (SIEM, Exabeam, SOAR, EDR, IDS/IPS, MITRE, Azure, SC-200, SC-100) role, will be responsible for the enhancement of existing SIEM platform and improve performance, coverage ...

Advanced knowledge of SIEM operations, detection engineering, and RBA Experience with large-scale data ingestion, enrichment, and pipeline design Familiarity with automation tools, SOAR, Terraform/Ansible, and CI/CD Excellent communication, stakeholder management, and problem-solving skills This is a great opportunity to play a key role ...

insurance, medical cover) Are you an experienced Splunk SME looking for a new challenge? Do you have a strong background in Splunk, IAM and SOAR with a high-level understanding of wider Splunk ecosystem, along with Incident Management, Python and Powershell skills? Here at ARM, we are recruiting … This includes designing and implementing detection use cases, tuning alerts, and developing dashboards that provide clear, actionable insights for security operations teams. Experience with SOAR and UEBA technologies is advantageous but not essential. This role suits someone who enjoys working in a client-facing environment, solving complex challenges, and contributing ...

insurance, medical cover) Are you an experienced Splunk SME looking for a new challenge? Do you have a strong background in Splunk, IAM and SOAR with a high-level understanding of wider Splunk ecosystem, along with Incident Management, Python and Powershell skills? Here at ARM, we are recruiting … This includes designing and implementing detection use cases, tuning alerts, and developing dashboards that provide clear, actionable insights for security operations teams. Experience with SOAR and UEBA technologies is advantageous but not essential. This role suits someone who enjoys working in a client-facing environment, solving complex challenges, and contributing ...

investigative techniques Review and improve alert fidelity, detection coverage, and response effectiveness Provide technical oversight for tooling such as SIEM, EDR/XDR, NDR, SOAR, and cloud-native security platforms Detection Engineering & Improvement Collaborate with detection engineers to convert hunt findings into new or improved detections Identify visibility gaps and … detail Excellent written and verbal communication skills Ability to translate technical findings into business and risk context Desirable Skills Experience with detection engineering or SOAR automation Purple team or red team collaboration experience Forensic analysis experience (memory, disk, network) Exposure to regulatory environments (e.g. ISO 27001, NIST, GDPR) Apply ...

excellent interpersonal and communication skills. Any experience of working in/around Security Operation Centres, using and/or managing SIEM/EDR/SOAR platforms, a good understanding of cloud platforms, and a basic ability to script would all be advantageous. Certification - Advantageous but not essential General security (CREST ...

Operations team and primary relationship with any outsourced SOC solution ensuring 24/7 monitoring and response coverage. Oversee cyber defence capabilities including SIEM, SOAR, EDR/XDR, threat intelligence, and identity protection. Develop and maintain operational procedures, playbooks, and response frameworks. Direct the full incident response lifecycle: detection, triage … governance and compliance teams. Ensure the design, tuning, and optimisation of detection rules, alerts, and correlation logic across security platforms. Drive automation initiatives using SOAR to improve response speed and reduce operational workload. Maintain robust coverage across cloud, on premise, network, and endpoint environments. Build capability through training, certifications, and ...

detection efficacy, reducing false positives, and ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules … content in complex environments Strong documentation and stakeholder communication skills Desirable Relevant certifications such as Splunk Enterprise Security, GIAC GCDA, or similar Experience with SOAR platforms and automation workflows Background in threat hunting or incident response If you are a detection-focused cyber security professional who thrives on building high ...

detection efficacy, reducing false positives, and ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules … content in complex environments Strong documentation and stakeholder communication skills Desirable Relevant certifications such as Splunk Enterprise Security, GIAC GCDA, or similar Experience with SOAR platforms and automation workflows Background in threat hunting or incident response If you are a detection-focused cyber security professional who thrives on building high ...

complex or high-severity incidents across client environments Develop and optimise detection rules, playbooks, and automation Improve SOC tooling (SIEM, EDR/XDR, SOAR) and operational processes Design and maintain advanced detection use cases and correlation logic Client Engagement & Consulting Act as a trusted advisor to clients, supporting security reviews … senior/lead SOC role Strong hands-on experience with: SIEM (e.g. Microsoft Sentinel, CrowdStrike) EDR/XDR (e.g. CrowdStrike, Microsoft Defender, Carbon Black) SOAR and threat intelligence platforms Proven expertise in threat hunting and incident response Experience developing and tuning detection rules in multi-tenant environments Strong automation skills ...

complex or high-severity incidents across client environments Develop and optimise detection rules, playbooks, and automation Improve SOC tooling (SIEM, EDR/XDR, SOAR) and operational processes Design and maintain advanced detection use cases and correlation logic Client Engagement & Consulting Act as a trusted advisor to clients, supporting security reviews … senior/lead SOC role Strong hands-on experience with: SIEM (e.g. Microsoft Sentinel, CrowdStrike) EDR/XDR (e.g. CrowdStrike, Microsoft Defender, Carbon Black) SOAR and threat intelligence platforms Proven expertise in threat hunting and incident response Experience developing and tuning detection rules in multi-tenant environments Strong automation skills ...

Configure security incident types, response playbooks, task automation, SLAs, notifications, and escalation rules. Integration & Automation Integrate ServiceNow SIR with security tools such as SIEM, SOAR, EDR, vulnerability scanners, and threat intelligence platforms. Enable automated ingestion of security alerts and events from multiple sources into ServiceNow. Develop workflow automations, Flow Designer … within ServiceNow SecOps. Strong understanding of security incident response frameworks (e.g. NIST, ISO 27035). Experience integrating ServiceNow with security tools such as SIEM, SOAR, or EDR platforms. Solid ServiceNow development skills, including Flow Designer, business rules, UI policies, client scripts, and integrations. Experience with REST APIs and data ingestion ...

Role As our Senior Security Analyst, you will own the evolution of our security posture. Youll be the driving force behind our SIEM/SOAR capabilities and the guardian of our SOC 2 Type II and ISO 27001 standards. Key Responsibilities: Security Operations: Lead monitoring, detection, and incident response … internal and client-facing systems. SIEM/SOAR Ownership: Enhance and automate our Azure Sentinel capabilities. Incident Response: Investigate real-world threats (malware, phishing, cloud misconfigurations) and ensure rapid remediation. Vulnerability Management: Conduct regular assessments, penetration testing, and risk analysis. Compliance & GRC: Maintain SOC 2 Type II accreditation and lead ...

Configure security incident types, response playbooks, task automation, SLAs, notifications, and escalation rules. Integration & Automation Integrate ServiceNow SIR with security tools such as SIEM, SOAR, EDR, vulnerability scanners, and threat intelligence platforms. Enable automated ingestion of security alerts and events from multiple sources into ServiceNow. Develop workflow automations, Flow Designer … within ServiceNow SecOps. Strong understanding of security incident response frameworks (eg NIST, ISO 27035). Experience integrating ServiceNow with security tools such as SIEM, SOAR, or EDR platforms. Solid ServiceNow development skills, including Flow Designer, business rules, UI policies, client scripts, and integrations. Experience with REST APIs and data ingestion ...

Configure security incident types, response playbooks, task automation, SLAs, notifications, and escalation rules. Integration & Automation Integrate ServiceNow SIR with security tools such as SIEM, SOAR, EDR, vulnerability scanners, and threat intelligence platforms. Enable automated ingestion of security alerts and events from multiple sources into ServiceNow. Develop workflow automations, Flow Designer … within ServiceNow SecOps. Strong understanding of security incident response frameworks (eg NIST, ISO 27035). Experience integrating ServiceNow with security tools such as SIEM, SOAR, or EDR platforms. Solid ServiceNow development skills, including Flow Designer, business rules, UI policies, client scripts, and integrations. Experience with REST APIs and data ingestion ...