26 to 45 of 45 SOAR Jobs in the UK

observability. Collaboration & Integration Work with cloud, security, application, and operations teams to align monitoring with business needs. Integrate logging and monitoring with SIEM/SOAR and security tools for detection and response. Participate in incident reviews and help improve platform reliability. Documentation & Governance Create runbooks, onboarding guides, data dictionaries, and ...

define and measure control effectiveness Required Skills & Experience Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP Experience with SOAR playbooks, YARA rules, STIX, and YAML Participation in red/purple team exercises. Please apply within for further details - Alex Reeder Harvey Nash 3+ years … Proxy, and SEG tools Desirable Qualifications Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA, CCSP Experience with SOAR playbooks, YARA rules, STIX, and YAML Participation in red/purple team exercises. Please apply within for further details - Alex Reeder Harvey Nash To From Record ...

with the ability to translate technical detail into clear business value. Excellent communication and presentation skills. Strong understanding of modern security architectures, including SIEM, SOAR, and Managed Security Services. Exposure to advanced security areas such as DDoS protection, Web Application Firewalls (WAF), Identity and Access Management (IDAM), Endpoint Detection and ...

Building high-fidelity, MITRE ATT&CK-aligned detections Designing and maintaining SIEM pipelines (CIM/ECS) Automating detection and response using CI/CD, SOAR and IaC Ensuring SIEM platforms are resilient, scalable and performant If your SIEM experience covers: Proven, hands-on experience with Splunk ES and/ ...

Senior Security Engineer (Incident Response SIEM SOAR AWS) Remote UK to £115k Are you a tech savvy Senior Security Engineer with strong Incident Response experience? You could be progressing your career in a senior, hands-on Senior Security Engineer role as part of a friendly and supportive international team ...

z2bz0 years' experience across network and security engineering (design, build, operate) Strong troubleshooting across multiple layers: Network Identity Endpoint Proxy SIEM/SOAR Hands-on automation experience (e.g., Ansible, Terraform, GitHub, Azure DevOps) Proven ITIL change leadership experience Major Incident Management (MIM) exposure Desirable Certifications CCNP/CCIE Zscaler Professional ...

technical complexity into clear business outcomes Confidence presenting to both technical and non-technical stakeholders A solid understanding of modern security architectures, including SIEM, SOAR, and managed security services Exposure to advanced security domains such as DDoS protection, WAF, IAM, EDR, MDM, and vulnerability management Continuous learning is a core ...

develop their cyber security operations capability. The role will oversee SOC operations, threat detection, and incident response, while driving improvements across security monitoring, automation, and response processes. Key experience required: Strong experience in cyber security operations Strong experience of leading or mentoring SOC teams Strong knowledge of incident response and … threat detection Experience with SIEM platforms such as LogRhythm, Splunk, or Microsoft Sentinel Familiarity with SOAR platforms, EDR/XDR tools (eg CrowdStrike, Defender, SentinelOne) and cloud security monitoring across Azure, AWS, or GCP Understanding of frameworks such as National Institute of Standards and Technology guidance, International Organization for Standardization ...

develop their cyber security operations capability. The role will oversee SOC operations, threat detection, and incident response, while driving improvements across security monitoring, automation, and response processes. Key experience required: Strong experience in cyber security operations Strong experience of leading or mentoring SOC teams Strong knowledge of incident response and … threat detection Experience with SIEM platforms such as LogRhythm, Splunk, or Microsoft Sentinel Familiarity with SOAR platforms, EDR/XDR tools (eg CrowdStrike, Defender, SentinelOne) and cloud security monitoring across Azure, AWS, or GCP Understanding of frameworks such as National Institute of Standards and Technology guidance, International Organization for Standardization ...

ensuring data quality and analytical integrity. 3. Automation & Workflow Optimization - Design and implement automation workflows within the TIP to reduce analyst toil. - Work with SOAR platforms and scripting tools to enable intelligence-driven response actions. - Optimize scoring, deduplication, false-positive reduction, and prioritization logic. - Collaborate with engineers to expose … configuring, and operating TIPs in production environments. - Strong understanding of STIX 2.x, TAXII, IOC lifecycle management, and intelligence ontologies. - Experience integrating TIPs with SIEM, SOAR, EDR, and vulnerability management tools. - Proven ability to customize workflows, scoring models, enrichment logic, and automation. Technical & Platform Skills - Strong familiarity with APIs, JSON, Python ...

and enterprise IGA architecture. Strong understanding of identity lifecycle management, access governance, and Zero Trust security principles. Hands-on experience integrating SailPoint with SIEM, SOAR, PAM, and directory platforms. Experience contributing to enterprise architecture and security governance frameworks. Contract Details: Duration: 6 months Initially Day Rate: £600 per day (Inside ...

investigated, and mitigated promptly. You'll also take ownership of improving operational maturity tuning alerts to reduce false positives, implementing automation through scripting or SOAR tooling, integrating threat intelligence, and establishing meaningful security metrics that clearly demonstrate risk reduction and performance to stakeholders across IT and the wider business. CYBER … Alert tuning and optimisation to reduce false positives * Ability to define, measure, and report on security KPIs and risk metrics * Knowledge of automation techniques (SOAR tools, scripting) * Understanding of threat intelligence and proactive threat hunting * Strong communication and stakeholder engagement skills DESIRABLE * Familiarity with Azure and AWS security operations * Understanding ...

requirements Create and refine SIEM correlation rules, dashboards, and reports to enhance proactive threat detection and monitoring Build, deploy, and maintain automated playbooks across SOAR and related security platforms Integrate threat intelligence sources, security tools, and custom logic into automated workflows Continuously tune and optimise SIEM rules and SOAR playbooks … improve detection accuracy and reduce false positives Integrate internal and third-party systems with SIEM and SOAR platforms using APIs and custom connectors Support ongoing sprint activities, daily progress updates, and ad-hoc engineering tasks to improve SOC service delivery Contribute to post-incident reviews by developing new detections and ...

security strategy. Apply foundational security principles to new technologies and unconventional scenarios while enabling organisational objectives. What We're Looking For SIEM/SOAR: Proficiency in SIEM concepts, data source integration, and creating SOAR runbooks. Security Stack : Hands-on with EDR, XDR, WAF, and email security solutions. Preferred Vendors: Experience ...

Your responsibility is to ensure Security technologies and services, spanning SOC operations, SIEM/XDR/EDR, Vulnerability & Exposure Management, and Security Automation & Orchestration (SOAR) are aligned to the client's strategy and objectives, adopted effectively, and continuously improved to enhance client experience and satisfaction. Provide high level SME knowledge … systems (Windows/Linux), Active Directory/identity management, and permissions-based controls. Hands-on experience designing detection content, use cases, tuning, suppression, and SOAR workflows, with understanding of data pipelines and connector optimisation. Proven track record in technical account management, client-facing technical leadership, or equivalent, with ownership ...

platforms and customer environments Oversee the full incident lifecycle detection, response, escalation, post-incident review Ensure effective use and optimisation of SIEM and SOAR platforms (Splunk, Sentinel, QRadar) Drive operational consistency using ITIL-aligned processes and CREST-aligned best practices Act as the senior point of contact for customers and … operating SOC services across multiple customers and security environments Deep understanding of incident management, escalation, and service delivery under pressure Knowledge of SIEM/SOAR tooling, ideally Splunk and/or Microsoft Sentinel Strong working knowledge of NIST, MITRE ATT&CK, ISO 27001, CREST, and ITIL Confident communicator, able ...

team across onboarding and live service activity • Own technical delivery during customer onboarding and transition • Oversee Sentinel connector deployment, Defender integration, rule tuning and SOAR playbooks • Ensure structured service handover into SOC operations with clear documentation • Act as escalation point for complex engineering issues in live environments • Maintain SLA adherence … Microsoft Sentinel and Defender XDR • Deep understanding of Azure security architecture and ingestion strategy • Proven experience configuring connectors and tuning detection rules • Experience with SOAR platforms • Strong KQL capability • Ability to manage competing priorities in fast-paced environments • Experience managing ingestion costs or cloud service optimisation • Confident customer communication Desirable ...

Senior Security Engineer (Incident Response SIEM SOAR AWS) Remote UK to £115k Are you a tech savvy Senior Security Engineer with strong Incident Response experience? You could be progressing your career in a senior, hands-on Senior Security Engineer role as part of a friendly and supportive international team … anywhere in the UK; you can also work at times that suit you. About you: You have strong, hands-on experience with SIEM and SOAR platforms, Crowdstrike (or similar EDR/XDR solutions) and MDM solutions You have strong AWS and Kubernetes (K8s) and Amazon EKS experience You have scripting ...

technical design for Network Security services, including: Zero Trust Network Access (ZTNA) NGFW, NAC, IDS/IPS Proxy services SIEM/SOAR integrations Define and assure non-functional requirements (availability, scalability, performance, security, operability) Maintain architecture diagrams, security workflows, threat models, and integration contracts aligned with governance standards (e.g. NIST … operating enterprise network security platforms Deep hands-on expertise in one or more of: ZTNA, NGFW, NAC, IDS/IPS Proxy services SIEM/SOAR integrations Strong understanding of Zero Trust Architecture and policy-based access control Proven DevSecOps, IaC, and CI/CD experience Solid grounding in ITIL, major ...

Role: SOC -Security Platform Engineer Location: London Salary: Competitive salary and package dependent on experience Career Level: Specialist Please Note: Any offer of employment is subject to satisfactory BPSS and the candidate being granted a ...