26 to 42 of 42 SOAR Jobs in the UK

Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would … security alerts and incidents in Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU More ❯

Microsoft Sentinel (SIEM) and Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, etc.). Proven track record in security monitoring, incident response, and alert troubleshooting . Working knowledge of SOAR platforms (preferably within Sentinel or similar). Understanding of threat detection, log analysis, and automation within Microsoft’s security ecosystem. Experience with Tenable is beneficial Knowledge of Microsoft Purview would … security alerts and incidents in Microsoft Sentinel and Microsoft Defender . Perform detailed security event analysis and correlation, escalating incidents where necessary. Develop and optimise SOAR (Security Orchestration, Automation and Response) playbooks to enhance incident response and efficiency. Collaborate with wider IT and security teams to improve threat detection, incident handling, and response processes. Apply now to speak with VIQU More ❯

investigation of identity-based attacks. Validate secure delegation models, access review processes, and identity lifecycle controls defined by IAM. Threat Detection, Monitoring & Incident Response Own and operate SIEM and SOAR tooling, including Microsoft Sentinel, Defender XDR, Identity Protection, and threat analytics. Develop and refine detection rules, correlation logic, threat hunting use cases, and behavioural analytics. Investigate and support incident response … for Cloud, Conditional Access, and identity protection tooling. Deep knowledge of Microsoft Entra ID, AD DS, MFA, PIM, RBAC, and hybrid identity security. Hands-on experience with SIEM (Sentinel), SOAR, EDR (MDE), CSPM, and vulnerability management tools. Experience securing Windows Server, PKI/ADCS, domain controllers, and virtualisation environments. Practical understanding of Zero Trust security principles and secure-by-design. More ❯

etc. a plus. Nice to Have Cloud certifications (Azure, AWS, GCP) Experience working in regulated environments (e.g., finance, government) SAFe Agile or Scrum certifications Prior experience with SIEM/SOAR integration, API security, or Identity Governance Why Join Us Play a key role in shaping enterprise-wide secure access architecture Work with a forward-thinking, cross-functional security team Be More ❯

the Technical Operations function by providing support to other members of the team to protect against cyber threats. Lead in the identification and the creation, maintenance and troubleshooting of SOAR playbooks, automations and enrichments. Apply critical thinking to solve unique problems in the information security space. Enhancing the processes around interacting with large datasets to construct actionable information to enhance More ❯

and evolve secure frameworks using Microsoft Security (Defender, Sentinel, Purview, Entra) and integrate Qualys vulnerability management for continuous threat detection and remediation. Automate & Innovate: Lead the charge on automation (SOAR, IaC, workflow automation) and embed Gen AI into security operations, threat intelligence, and reporting. Set Standards: Develop and enforce security architecture standards, governance, and best practicesespecially for AI and automation … for emerging tech. The following would also be of interest: Certifications in automation/cloud (Azure Solutions Architect, Terraform, GIAC), vulnerability management (Qualys, ISO 27001, NIST). Experience with SOAR, SIEM, XDR, and cloud-native security (especially Azure). Pre-sales or solution architecture exposure. What can we offer you? Through our one of a kind training programme, the Littlefish More ❯

security logs across multiple domains identity and access, network, system, data, application, cloud and multiple product types. Proficiency in data analysis and scripting languages (e.g., PowerShell, Python). Strong Security Orchestration, Automation and Response (SOAR) knowledge. Team leadership experience with great collaboration and stakeholder management skills More ❯

comprehensive Insider Threat program Hands-on experience conducting DLP operations in the Cloud as well as desired knowledge of other solutions like UEBA,CASB etc. Experience utilizing SIEM/SOAR for data analytics and investigations Passionate about innovation and enjoys the challenges of creating something new Ideally having experience leading teams operationally and mentoring technical associates Stays current with evolving More ❯

who enjoys building, optimising, and automating SOC infrastructure. This role sits within a growing Cyber Defence operation where you’ll help design and maintain the platforms behind SIEM, EDR, SOAR, and threat intelligence tooling, improving detection coverage and enabling analysts to respond faster. Key responsibilities: Engineer and maintain SIEM, EDR, SOAR, and logging platforms. Develop automation and integrations using scripting … platforms such as Sentinel, Splunk, Defender, or Elastic. Scripting/automation ability (PowerShell, KQL, Python, etc.). Understanding of Azure/AWS cloud and network fundamentals. Desirable: Experience with SOAR tools or Infrastructure-as-Code (Terraform, Bicep, ARM). Knowledge of MITRE ATT&CK mapping or threat detection frameworks. What’s in it for you: Flexible hybrid working, paid certifications More ❯

Response: Improve playbooks and processes, lead escalated security incidents, oversee remediation and recovery actions, track incidents, liaise with partners, report findings, and apply root cause analysis with lessons learned. SOAR Development: Support and develop the SOAR platform by producing workflows to automate responses to common attack types and enhance operational playbooks. Digital Forensics: Use forensic tools and techniques to analyse … log correlation, analysis, forensics, and chain of custody requirements. Familiarity with regulatory frameworks (NCSC CAF, ISO/IEC 27001/27002, GDPR, CIS, NIST). Practical knowledge of SIEM, SOAR, EDR, AV, IDS/IPS, NAC, AD, DLP, web/email filtering, behavioural analytics, TCP/IP and OT protocols, and security applications. Understanding of adversarial TTPs and frameworks such … as MITRE ATT&CK. Experience with SIEM and SOAR solutions, IAM, and DLP tools (e.g. FortiSIEM, Q-Radar, Microsoft Secure Gateway, Darktrace, Microsoft Defender, Sentinel). Experience developing incident response playbooks, SOAR workflows, red-team exercises, and tabletop simulations. Experience in investigating advanced intrusions, such as targeted ransomware or state-sponsored attacks. Summary: My client are looking for an experienced More ❯

as a SIEM Engineer, with a strong understanding of security logs across multiple domains. Proficiency in data analysis and scripting languages, such as PowerShell and Python. Extensive knowledge of Security Orchestration, Automation, and Response (SOAR) solutions. Excellent collaboration and stakeholder management skills, with the ability to work effectively with cross-functional teams. A passion for staying up-to-date with More ❯

and efficiency of our Security Operations Centre (SOC). This role is perfect for someone who thrives on solving complex technical challenges, enjoys working with tools like Splunk and SOAR, and wants to contribute to a mission that truly matters. Salary : Circa £50,000 – £60,000 depending on experience Dynamic (hybrid) working :2 days per week on-site due to … threat landscape. Key responsibilities include; Act as the subject matter expert (SME) for Splunk across all cyber security and observability use cases. Lead SOC automation initiatives using scripting and SOAR tools, optimising processes through AI and ML technologies. Support alert tuning, connectivity, and visibility across monitored networks and infrastructure. Maintain and document SOC integrations, ensuring accurate configuration and performance visibility. More ❯

and efficiency of our Security Operations Centre (SOC). This role is perfect for someone who thrives on solving complex technical challenges, enjoys working with tools like Splunk and SOAR, and wants to contribute to a mission that truly matters. Salary : Circa £50,000 - £60,000 depending on experience Dynamic (hybrid) working : 2 days per week on-site due to … threat landscape. Key responsibilities include; Act as the subject matter expert (SME) for Splunk across all cyber security and observability use cases. Lead SOC automation initiatives using scripting and SOAR tools, optimising processes through AI and ML technologies. Support alert tuning, connectivity, and visibility across monitored networks and infrastructure. Maintain and document SOC integrations, ensuring accurate configuration and performance visibility. More ❯

log sources, create custom parsers, and develop analytic rules. Design and maintain detection rulesets, scope, plan, and track log integrations. Develop automation for alert triage and incident remediation through SOAR tools. Collaborate with Threat Detection & Response teams to ensure the SIEM platform aligns with security monitoring requirements. Participate in infrastructure projects and security tool integrations. Lead and mentor junior SIEM … of security log management across multiple domains (identity, access, network, systems, cloud, and applications). Proficiency in Python and/or PowerShell for data analysis and automation. Experience with SOAR platforms and security automation workflows. Excellent problem-solving, stakeholder management, and collaboration skills. Team leadership or mentoring experience is highly desirable. Preferred Technologies/Tools: Splunk, QRadar, LogRhythm, Sentinel, ArcSight More ❯

to-day SOC operations, ensuring adherence to SLAs, KPIs, and compliance requirements Drive continuous improvement in security monitoring, detection, and response processes Ensure effective use and optimisation of SIEM, SOAR, EDR, and other security technologies Produce and deliver regular reporting on SOC performance, incident trends, and risk exposure to senior management Collaborate with threat intelligence teams to enhance detection capabilities … integrated into processes and training Support compliance with industry standards, frameworks, and regulations Requirements Here are the key skills and experience relevant to this role: Strong knowledge of SIEM, SOAR, EDR, IDS/IPS, firewalls, and endpoint protection solutions Strong Knowledge in Incident response Familiarity with cloud security and hybrid environments Understanding of network protocols, operating systems (Windows/Linux More ❯

Configure & ensure availability of required logs into Sentinel (such as EDR, Qualys, Firewalls etc), crowd strike and dark trace. Sentinel platform admin Execution of the use cases on SIEM, SOAR & Threat Intelligence. Well versed in Design & Architecture, Cribl (Newly added by client) Deploy down selected(Nozomi) OT Security/IDS platform in the lab infra. Handle OEM communication Test the … Configure & ensure availability of required logs into Sentinel (such as EDR, Qualys, Firewalls etc), crowd strike and dark trace. Sentinel platform admin Execution of the use cases on SIEM, SOAR & Threat Intelligence. Well versed in Design & Architecture, Cribl (Newly added by client) Deploy down selected(Nozomi) OT Security/IDS platform in the lab infra. Handle OEM communication Test the More ❯

About us: Soar is a global fintech startup that specializes in financing and investment. Currently headquartered in Saudi Arabia, Soar is growing throughout the region with a mission to help people achieve their financial goals with innovative financial and property investment solutions and tools through its multi-purpose platform, designed to offer a simple and seamless user experience. Role Summary More ❯