26 to 33 of 33 SOAR Jobs in the UK

and Major Incident Management (MIM), with a disciplined post-incident review culture. Excellent troubleshooting skills across multiple layers: Network Identity Endpoint Proxy SIEM/SOAR What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your ...

and Major Incident Management (MIM), with a disciplined post-incident review culture. Excellent troubleshooting skills across multiple layers: Network Identity Endpoint Proxy SIEM/SOAR What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your ...

ISACs, OSINT) into practical detections and control improvements Identifying gaps in monitoring and enhancing detection capabilities Supporting deployment and automation of security tooling (SIEM, SOAR, EDR, DLP, WAF, email security) Developing automation using Python, Bash, or PowerShell Acting as an escalation point for junior analysts and helping guide them About … experience in at least two of: detection engineering, incident response, security engineering, threat hunting, or threat intelligence Strong experience with security tooling (SIEM, SOAR, EDR, DLP) Understanding of MITRE ATT&CK, cyber kill chain, and attacker tradecraft Experience investigating complex security incidents across applications and infrastructure Familiarity with offensive tools ...

including infrastructure, data ingestion pipelines, and cloud security posture components. Lead the implementation and optimization of Microsoft security technologies such as Sentinel , Defender XDR , SOAR , and integrations involving DevOps (IDE/CI/CD) and Cribl . Develop advanced security analytics, threat intelligence models, and monitoring capabilities for cloud and … best practices, and innovation within the enterprise security architecture domain. Required Skills & Expertise Deep expertise in enterprise security technologies, especially: Microsoft Sentinel Defender XDR SOAR DevOps security (IDE/CI/CD) Cribl Strong hands-on experience with: Azure Security services Cloud Security Posture Management (CSPM) Data ingestion frameworks Security ...

with enterprise architecture standards, secure by design principles, and regulatory requirements. - development of data ingestion, telemetry, and integration patterns between Darktrace, Defender, SIEM/SOAR tools, and existing security stacks. - production of architecture decision records, design patterns, and technical documentation for long-term maintainability. - Leading technical delivery workstreams, providing direction … across both platforms. - Coordinate testing, validation, and acceptance of detection capabilities, including simulation of realistic attack techniques. - Integrate Darktrace and Defender outputs into SIEM, SOAR, and ticketing systems. - Work with SOC and automation teams to design playbooks, response workflows, and escalation paths. - Ensure centralised logging, enrichment, and context tagging ...

teams during major incidents, drive containment and recovery, and own post-incident reviews and playbooks. The role includes mentoring CIRT analysts , enhancing SIEM/SOAR automation, and continuously improving processes using frameworks such as MITRE ATT&CK, NIST 800-61, and PCI DSS. What this job is really about Owning … runbook.? You've used InsightIDR or another MDR/SIEM platform for rule creation, tuning and dashboards, and you're not afraid of SOAR tools like InsightConnect or Cortex XSOAR.? Python or PowerShell are part of your toolkit, and retail networks, POS systems, and cloud infrastructure don't intimidate you. ...

highly regulated environment, ideally in finance/banking. - Extensive knowledge of performing architecture reviews and driving cyber transformation programmes. - Strong knowledge of SIEM, SOAR, EDR/XDR, threat intelligence platforms, logging and monitoring frameworks. - Excellent communication and stakeholder management skills. Responsibilities - Perform a detailed analysis of the organisation's existing … cyber security operations. - Map out the current architecture, identifying strengths, weaknesses, gaps and inefficiencies. - Advise senior leadership on SecOps strategy, covering tooling, SIEM/SOAR use, incident response maturity, vendor consolidation and internal capability development. - Create actionable remediation plans and strategic roadmaps for long-term cyber resilience. What you need ...

months, ideally in regulated or high-availability environments. End-to-End Programme Ownership Full lifecycle ownership of major initiatives including MDR consolidation, SIEM, SOAR, and security data lake deployments , delivering measurable business outcomes. Formal RFP & Vendor Management Expertise Proven experience authoring RFPs, evaluating vendors, and overseeing complex onboarding and integration. … clear understanding of what succeeds (and fails) under real-world pressure. Vendor-Neutral Technical Leadership Ability to navigate and apply leading MDR, SIEM, SOAR, and data lake technologies agnostically to the problem being solved. AI & Automation Proficiency Practical experience implementing agentic assistance and managing semi-autonomous security systems. Security Architecture ...