following: - Automation of SOC Processes Design and implement automation solutions to streamline repetitive tasks such as alert triaging, incident response, and reporting - Tool Integration Integrate various security tools (SIEM, SOAR, firewalls, etc.) to improve data flow and response coordination. - Optimization of Workflows Enhance and optimize SOC workflows for improved efficiency and reduced manual effort. - Development of Playbooks Create automated response … or equivalent experience). Industry certifications such as: Certified Information Systems Security Professional (CISSP), Certified Incident Handler (GCIH), GIAC Security Automation Expert (GCSA), Splunk Certified Automation Consultant, or relevant SOAR certifications. Experience with automation tools (e.g., SOAR platforms, Ansible, Phantom or similar). Proficiency in scripting languages (e.g., Python, PowerShell, Bash). Strong understanding of SOC processes, including incident response … and threat detection. Experience with SIEM platforms (e.g., Splunk). Knowledge of security frameworks (e.g., NIST, MITRE ATT&CK). Skills Proficiency in automation tools (e.g., SOAR platforms, Ansible, Phantom). Expertise in scripting languages (e.g., Python, PowerShell, Bash). Strong knowledge of SOC processes (incident response, threat detection). Experience with SIEM platforms (e.g., Splunk). Ability to integrate
cyber security focused role - Ideally 1-2 years working as an engineer. Knowledge of security tools and technologies (e.g., SIEM, IDS/IPS, EDR/XDR, Email protection, DLP, SOAR, Cloud Security etc.) Knowledge of Cyber Security domains (e.g., Identity and Access Management, Network Security, Incident Response etc.) Desirable skills Ideally you will come from an Infrastructure engineering background. Relevant … Knowledge of Security best practices and regulatory compliance frameworks (e.g., NIST, ISO27001, PCI-DSS etc.) Knowledge of the following security products is ideal: - SIEM (Rapid7 IDR, MS Sentinel, Splunk) - SOAR (Rapid7 ICON, MS Sentinel) - Endpoint Detection and Response (Microsoft Defender) - Email Security (Proofpoint, Mimecast) - Vulnerability Management (Rapid7 IVM, Nessus, Tenable) Proficiency with scripting and automation (e.g., PowerShell, Python) Understanding of
Manchester, England, United Kingdom Hybrid / WFH Options
Smart DCC
perform in-depth root cause analysis. Support use case tuning through auditing and approval, alongside developing new detection content including machine learning analytics and Security Automation, Orchestration and Response (SOAR). What are we looking for? Ability to work independently to deliver personal and team objectives, liaising with relevant teams. Able to work under pressure and make judgment calls based
on experience with GCP security services including IAM, VPC Service Controls, Cloud Armor, KMS, Security Command Center. Fluency in designing security policies using IAM, KMS, DLP, and SIEM/SOAR tools. Strong understanding of network security principles (firewalls, VPNs, load balancing, DNS) and their implementation on GCP. Proficiency in at least one scripting language (e.g., Python, Go, Bash) for automation
including the shared responsibility model. Familiarity with compliance frameworks (ISO 27001, GDPR, SOC 2, NIST). Hands-on experience with EDR tools (CrowdStrike, Defender for Endpoint) and SIEM/SOAR platforms. Basic scripting for automation and reporting using PowerShell or Python. Working knowledge of network security protocols, VPNs, firewalls, and web filtering tools. Understanding of patch management, application control, and
for diverse audiences Ability to adapt to evolving threats and technologies Experience Extensive security operations experience Prior CIRT team experience Leadership in Security Incident Response Experience with SIEM/SOAR tools Knowledge of threat intelligence, vulnerability management, network security Experience with threat analysis and security alerts Familiarity with frameworks like MITRE ATT&CK, NIST CSF Leadership or strong potential in
Alexander Mann Solutions - Public Sector Resourcing
of network and host-based telemetry relevant for threat detection Desirable - Azure certifications (SC-200, AZ-500, MS-500) - Experience with LogRhythm SIEM Platform - Knowledge of SOAR tools and automation (Logic Apps, Sentinel Playbooks) Please be aware that this role can only be worked within the UK and not Overseas. Sellafield Ltd is committed to eliminating discrimination
London, England, United Kingdom Hybrid / WFH Options
ZipRecruiter
EC2, S3, SQS. Attend technical workshops and represent the project at key meetings such as ADF and TDAs. Represent the project in all technical discussions related to Splunk, onboarding, SOAR, Attack Analyzer, etc. Essential Skills: SIEM engineering and architecture skills, specifically in Splunk SaaS. Experience with delivery lifecycle improvements for Splunk SaaS. Experience in defining SIEM improvements within Cyber Security … etc. Desirable Skills: Public Sector experience. Experience with other SIEM solutions. Experience with multiple cybersecurity technologies. Essential Qualifications: Cloud Security Architecture (CSA), Splunk Cloud Administrator, Splunk Enterprise Security, Splunk SOAR Administrator, Splunk Certified Cybersecurity Defence Analyst, Implementing Microsoft Azure Infrastructure Solutions, Developing Windows Azure and Web Services, Security Information & Event Management (SIEM), JIRA, Confluence, Git Desirable Qualifications: CISSP, Ethical Hacking
London, England, United Kingdom Hybrid / WFH Options
55 Exec Search
hunting, and real-time defence management, guiding and mentoring two junior SOC analysts. The SOC team is deeply committed to leveraging the latest in automation and artificial intelligence, including SOAR platforms, to deliver smarter, faster, and more effective security outcomes. This role provides a unique opportunity to help shape the future of a next-gen SOC environment. This role combines
London, England, United Kingdom Hybrid / WFH Options
Eduardomolet
of security frameworks, such as NIST, ISO 27001, or similar. Excellent communication skills, with the ability to clearly convey technical details to diverse audiences. Previous experience in SIEM/SOAR within large-scale, complex environments. Familiarity with other security tools and technologies. Desirable Skills Relevant certifications (e.g., CISSP, CEH, Microsoft Certified: Security, Compliance, and Identity Fundamentals) a plus. If you
R2 Analyst helps maintain a vigilant and proactive defence against evolving cyber threats, enabling the organisation to operate securely and with confidence. Summary Threat Detection and Monitoring: Monitor the SOAR platform for EDR Logs, SIEM Logs, IDS Logs and Managed Intelligence sources. Identify potential threats, vulnerabilities, and indicators of compromise. Initiate escalation procedures to counteract potential threats and vulnerabilities. Ability
designing or implementing micro segmentation (e.g., Cisco Tetration, Illumio, Guardicore) Background in regulated industries like financial services, healthcare, Resources or government Familiarity with DNS-based threat detection, SIEM/SOAR integration, and cloud access security brokers (CASB) Why Join Us at Accenture in This Role? Leadership in Next-Generation Cybersecurity: As a trusted security partner, Accenture leads the way in
SC-200, PCNSE, Fortinet NSE, CCFR, or Zscaler Certified Expert Background in regulated industries like financial services, healthcare, Resources or government Familiarity with DNS-based threat detection, SIEM/SOAR integration, and cloud access security brokers (CASB) Why Join Us at Accenture in This Role? Leadership in Next-Generation Cybersecurity: As a trusted security partner, Accenture leads the way in
Cheltenham, England, United Kingdom Hybrid / WFH Options
Cyber UK
Security Tooling Engineer (SIEM/SOAR) Location: Cheltenham/Hybrid Please Note: Due to the nature of client work you will be undertaking, you will need to be willing to go through a Security Clearance process as part of this role, which requires 5+ years UK address history at the point of application. As a Security Tooling Engineer, you will … responsible for developing and optimising Security Tooling, to drive the maturation of Accenture’s Security Operation Centre (SOC) offerings. Build, maintain and optimise Security Information Event Management (SIEM) and Security Orchestration, Automation and Response (SOAR) toolsets. Develop and implement innovative solutions to improve the efficiency and capabilities of Accenture’s service offerings. Approach problems with a security-first mindset, and … a strong technical background in security operations or network/infrastructure engineering. The following skills and experience are essential for this role: Hands-on experience either: Developing playbooks within Security Orchestration, Automation and Response (SOAR) platforms, such as Palo Alto XSOAR, Splunk Phantom or Chronicle SOAR. Deploying and optimising either Microsoft Sentinel and/or Splunk Enterprise Security. Knowledge of
week) Security Engineer - SOC & Automation (Financial Services) We're looking for a Security Engineer to strengthen SOC capabilities at a financial services client. The focus is on SIEM/SOAR tooling, automation, and improving threat detection and response. Responsibilities: Maintain and optimise SOC tools (SIEM, SOAR, EDR). Automate detection and response using scripts (Python, PowerShell). Integrate threat intel … response workflows. Support regulatory compliance (FCA, PRA, DORA) through improved security operations. Requirements: 4+ years in cybersecurity, with 2+ in SOC or security engineering. Strong experience with SIEM/SOAR (e.g., Splunk, Sentinel). Proficient in scripting (Python, PowerShell). Knowledge of MITRE ATT&CK and incident response. Experience in regulated financial environments. Nice to Have: SOC certifications (e.g., GCIH
Manchester Area, United Kingdom Hybrid / WFH Options
Queen Square Recruitment
investigation and resolution of high-severity security incidents Conduct proactive threat hunting using Microsoft Sentinel and the Defender suite Develop and fine-tune analytic rules, detection use-cases, and SOAR playbooks Monitor and optimise license consumption across Microsoft security tools Manage log onboarding/offboarding processes across varied sources and environments Drive SOC maturity initiatives, identifying and implementing process improvements … the MITRE ATT&CK framework and threat modeling Solid understanding of Windows, Linux, networking, and endpoint security Skilled in threat intelligence, digital forensics, and advanced incident handling Experience with SOAR platforms and security automation Excellent written and verbal communication skills Nice to Have Experience in the retail or FMCG sector supporting large-scale SOC environments Background in major incident response
Occasional on-call support for critical incidents. Requirements Proven experience in a cybersecurity and IT infrastructure role. Strong knowledge of Microsoft and Cisco security stack. Familiarity with SIEM/SOAR/XDR platforms and incident response frameworks. Excellent understanding of network security, firewalls, VPNs, ZTA, endpoint protection, phishing and social media platforms. Experience with hybrid environments (on-prem and cloud
such as ISO 27001, 27002, 27017, and 27108 DESIRABLE SKILLS AND EXPERIENCE CISSP, CISM, CCSP, CRISC, or similar certifications Knowledge of Active Directory, Cryptography, IAM, PKI, server hardening, SIEM, SOAR, and virtualization (VMware) Experience in pre-sales activities and supporting delivery collateral Familiarity with MITRE ATT&CK and ITIL frameworks Who we are: We’re a global business empowering local
London, England, United Kingdom Hybrid / WFH Options
Bridewell Consulting Limited
identity protection technologies (XDR) for a cloud focused environment. Designing and deploying identity and access management solutions for cloud identity providers. Supporting and designing deployments of cloud SIEM/SOAR technologies in enterprise environments. Assessing and reviewing customer cloud security posture across multiple solutions and technologies. Creating and maintaining technical project documentation such as technical configuration documents or low-level
CISM, CCSP, CRISC or equivalent experience Good knowledge covering several of the following examples (this list is not exhaustive): AD, Cryptography, End User Computing, IAM, PKI, Server hardening, SIEM, SOAR, virtualisation (VMware) Participate in pre-sales tasks and perform ongoing support of delivery collateral. Familiarity with MITRE ATT&CK Familiarity with ITIL Who we are: We're a business with
Gloucester, England, United Kingdom Hybrid / WFH Options
55 Exec Search
hunting, and real-time defence management, guiding and mentoring two junior SOC analysts. The SOC team is deeply committed to leveraging the latest in automation and artificial intelligence, including SOAR platforms, to deliver smarter, faster, and more effective security outcomes. This role provides a unique opportunity to help shape the future of a next-gen SOC environment. This role combines