26 to 38 of 38 SOAR Jobs in the UK

technical complexity into clear business outcomes Confidence presenting to both technical and non-technical stakeholders A solid understanding of modern security architectures, including SIEM, SOAR, and managed security services Exposure to advanced security domains such as DDoS protection, WAF, IAM, EDR, MDM, and vulnerability management Continuous learning is a core ...

internal IT, security, infrastructure and OT stakeholders Manage third-party vendors, MSSPs and tooling partners Support selection and implementation of SOC tooling (e.g. SIEM, SOAR, detection and response platforms) Ensure clear operating models, processes and handovers into BAU Track progress, manage issues, and report clearly to senior stakeholders Support ...

Azure DevOps). . ITIL change leadership and MIM experience; disciplined PIR culture. . Strong troubleshooting across layers (network, identity, endpoint, Proxy, SIEM/SOAR). Preferred Certifications . CCNP/CCIE, Zscaler Professional, Fortinet NSE 4+, Splunk Admin/ES, ITIL 4 MP (or equivalents). KPIs . Change ...

and Major Incident Management (MIM), with a disciplined post-incident review culture. Excellent troubleshooting skills across multiple layers: Network Identity Endpoint Proxy SIEM/SOAR What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your ...

and Major Incident Management (MIM), with a disciplined post-incident review culture. Excellent troubleshooting skills across multiple layers: Network Identity Endpoint Proxy SIEM/SOAR What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your ...

and improving detection across SIEM and EDR platforms. Proactive threat hunting across cloud infrastructure, applications, and CI/CD environments. Building and maintaining automation and response playbooks using SOAR tooling. Working closely with DevOps, infrastructure and engineering teams to improve security posture and response capability. Reducing alert fatigue, improving logging ...

including infrastructure, data ingestion pipelines, and cloud security posture components. Lead the implementation and optimization of Microsoft security technologies such as Sentinel , Defender XDR , SOAR , and integrations involving DevOps (IDE/CI/CD) and Cribl . Develop advanced security analytics, threat intelligence models, and monitoring capabilities for cloud and … best practices, and innovation within the enterprise security architecture domain. Required Skills & Expertise Deep expertise in enterprise security technologies, especially: Microsoft Sentinel Defender XDR SOAR DevOps security (IDE/CI/CD) Cribl Strong hands-on experience with: Azure Security services Cloud Security Posture Management (CSPM) Data ingestion frameworks Security ...

with enterprise architecture standards, secure by design principles, and regulatory requirements. - development of data ingestion, telemetry, and integration patterns between Darktrace, Defender, SIEM/SOAR tools, and existing security stacks. - production of architecture decision records, design patterns, and technical documentation for long-term maintainability. - Leading technical delivery workstreams, providing direction … across both platforms. - Coordinate testing, validation, and acceptance of detection capabilities, including simulation of realistic attack techniques. - Integrate Darktrace and Defender outputs into SIEM, SOAR, and ticketing systems. - Work with SOC and automation teams to design playbooks, response workflows, and escalation paths. - Ensure centralised logging, enrichment, and context tagging ...

teams during major incidents, drive containment and recovery, and own post-incident reviews and playbooks. The role includes mentoring CIRT analysts , enhancing SIEM/SOAR automation, and continuously improving processes using frameworks such as MITRE ATT&CK, NIST 800-61, and PCI DSS. What this job is really about Owning … runbook.? You've used InsightIDR or another MDR/SIEM platform for rule creation, tuning and dashboards, and you're not afraid of SOAR tools like InsightConnect or Cortex XSOAR.? Python or PowerShell are part of your toolkit, and retail networks, POS systems, and cloud infrastructure don't intimidate you. ...

Security Architect to lead the design, deployment, and optimization of Palo Alto Cortex XDR across enterprise environments. The role requires deep expertise in SIEM and SOAR Platform, strong exposure to security automation, and hands-on experience integrating with SIEM platforms for centralized monitoring and incident response. The architect will drive … cause analysis Tune detection policies, alert thresholds, and prevention profiles Oversee agent deployment, upgrades, and performance optimization Automation & SOAR Design and implement security automation and response workflows Integrate Cortex XDR with SOAR platforms (Cortex XSOAR preferred) Develop automated playbooks for: Alert triage and enrichment Containment and remediation (endpoint isolation, user ...

highly regulated environment, ideally in finance/banking. - Extensive knowledge of performing architecture reviews and driving cyber transformation programmes. - Strong knowledge of SIEM, SOAR, EDR/XDR, threat intelligence platforms, logging and monitoring frameworks. - Excellent communication and stakeholder management skills. Responsibilities - Perform a detailed analysis of the organisation's existing … cyber security operations. - Map out the current architecture, identifying strengths, weaknesses, gaps and inefficiencies. - Advise senior leadership on SecOps strategy, covering tooling, SIEM/SOAR use, incident response maturity, vendor consolidation and internal capability development. - Create actionable remediation plans and strategic roadmaps for long-term cyber resilience. What you need ...

months, ideally in regulated or high-availability environments. End-to-End Programme Ownership Full lifecycle ownership of major initiatives including MDR consolidation, SIEM, SOAR, and security data lake deployments , delivering measurable business outcomes. Formal RFP & Vendor Management Expertise Proven experience authoring RFPs, evaluating vendors, and overseeing complex onboarding and integration. … clear understanding of what succeeds (and fails) under real-world pressure. Vendor-Neutral Technical Leadership Ability to navigate and apply leading MDR, SIEM, SOAR, and data lake technologies agnostically to the problem being solved. AI & Automation Proficiency Practical experience implementing agentic assistance and managing semi-autonomous security systems. Security Architecture ...

Role: SOC -Security Platform Engineer Location: London Salary: Competitive salary and package dependent on experience Career Level: Specialist Please Note: Any offer of employment is subject to satisfactory BPSS and the candidate being granted a ...