26 to 50 of 53 SOAR Jobs in the UK

with clear RACI and coherent operating model. Govern the security tooling strategy and operating model (build vs. buy vs. MSSP); maximize value from SIEM, SOAR, IAM, PAM, EDR, DLP, DSPM, and CTI platforms. Security Operations & Incident Response Accountable for SOC performance (24×7 detection, response, threat hunting), DFIR, purple-team ...

Implement identity access control measures and DLP controls Respond to Tier 3 security incidents Monitor threat intelligence Participate in pentests Engineer Microsoft Sentinel detections & SOAR playbooks Cyber Security Engineer: Technical Experience Microsoft Security: Defender of Endpoint, Identity, Cloud Apps, Office 365 Azure AD Microsoft Purview Cloud & Endpoint Security Azure Sentinel ...

and optimisation of technologies such as Zscaler, Netskope, Prisma Access, or similar platforms • Oversee integration of Zero Trust solutions with identity providers, SIEM/SOAR tooling, endpoint security, and cloud environments • Conduct architecture reviews, threat modelling exercises, gap assessments, and security strategy workshops • Lead proof-of-concept exercises, vendor evaluations ...

FWaaS) Manage application segmentation, secure connector deployment, and client connector rollouts. Integrate Zero Trust platforms with identity providers, endpoint security tools, and SIEM/SOAR environments. Support the migration of legacy VPN, firewall, and proxy solutions toward cloud-native security architectures. Conduct proof-of-concept exercises, technical evaluations, and architecture ...

enterprise environments.**Technical Expertise:*** Hands-on exposure to one or more of: AWS, Azure, GCP, Kubernetes, IAM, CI/CD, API gateways, SIEM/SOAR, email security, EDR, ZTNA technologies or data security technologies.* Strong understanding of security principles, design patterns, and defense-in-depth strategies.**Knowledge of Standards:*** Strong ...

troubleshooting issues, and ensuring reliable performance across both Linux and Windows platforms. Alongside core system administration duties, you'll support security tooling (SIEM and SOAR), ensuring systems are correctly configured to collect, process, and deliver accurate data. You'll also help onboard new systems and data sources, ensuring they integrate ...

hybrid environments Oversee patching, upgrades, and platform performance Drive platform improvements and engineering enhancements Support detection engineering, tuning, and platform optimisation Lead automation and SOAR initiatives to improve efficiency Collaborate with SOC providers on SIEM governance and data ingestion Ensure platforms meet regulatory and compliance requirements Maintain engineering documentation, standards ...

Advanced knowledge of SIEM operations, detection engineering, and RBA Experience with large-scale data ingestion, enrichment, and pipeline design Familiarity with automation tools, SOAR, Terraform/Ansible, and CI/CD Excellent communication, stakeholder management, and problem-solving skills This is a great opportunity to play a key role ...

Microsoft 365, identity and endpoint ecosystems. - Strong understanding of ITIL based service management and operational governance. - Experience with DMS platforms (desired) - Familiarity with SIEM, SOAR and modern security tooling. Head of IT Infrastructure/Head of IT Platforms In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this ...

operational activity. The successful candidate will be responsible for the day to day monitoring of multiple security devices, including SIEM, EDR, SOAR etc, ensuring that all customer SLAs are met. You will be required to work as part of the SOC team ensuring all SOC operational tasks are completed ...

Hybrid) Position Permanent role Languages Python Bash Tech Stack Cyber Security Bash Python ISO27001 Azure NIST Cyber Essentials ISO27001 SOC 2 Azure Sentinel IAM SOAR SIEM Security Standards NIST Cyber Essentials Plus NCSC Security Guidelines ISO... Compensation Competitive Role type Full time Visa sponsorship Not provided Company Axiom Software Solutions ...

controls aligned with the NIST Cyber Security Framework. What you'll be doing: * Maintain and optimise SOC PROTECT, DETECT, and RESPOND toolsets, including SIEM, SOAR, and vulnerability scanning tools. * Support the development, configuration, and automation of security tooling to enhance threat detection and incident response. * Conduct forensic analysis, malware reverse … and continuous process improvement. * Maintain knowledge of current cyber threats and emerging trends. What you'll bring: * Proven hands-on experience with SIEM and SOAR platforms such as Trend, Elastic, or SolarWinds. * Strong understanding of Windows and Linux OS, log collection, and threat detection techniques. * Ability to create and modify ...

investigative techniques Review and improve alert fidelity, detection coverage, and response effectiveness Provide technical oversight for tooling such as SIEM, EDR/XDR, NDR, SOAR, and cloud-native security platforms Detection Engineering & Improvement Collaborate with detection engineers to convert hunt findings into new or improved detections Identify visibility gaps and … detail Excellent written and verbal communication skills Ability to translate technical findings into business and risk context Desirable Skills Experience with detection engineering or SOAR automation Purple team or red team collaboration experience Forensic analysis experience (memory, disk, network) Exposure to regulatory environments (e.g. ISO 27001, NIST, GDPR) Apply ...

Support – Assist with demos, scoping, and proof-of-value activities where required. Core Duties Automation Design & Development Build and maintain workflows across SIEM, EDR, and SOAR platforms Develop reusable scripts, templates, and components Ensure solutions support secure, multi-tenant environments Integration & Response Automation Orchestrate containment, enrichment, and remediation actions Integrate … cloud security, identity, and event-driven automation Strong communication and analytical skills Security clearance (NPPV and/or SC) may be required. Technical Knowledge Security orchestration and automation principles Scripting and integration patterns (APIs, webhooks) SOC detection and response workflows Threat intelligence integration and use case design Cloud and identity ...

and recommend remediation. Implement and maintain AWS security controls aligned to ISO 27001, NIST and cloud security best practices. Proficiency in building/configuring SOAR platforms such as Shuffler and Tracecat. Develop security automation tooling, scripts, and infrastructure as code processes to streamline security operations. Take ownership of security engineering … Integration into DevOps Workflow for UK Within 6 months: Continuous Improvement Initiatives Security Incident Management Integration into DevOps Workflow for EMEA/ANZ Complete SOAR implementation What’s in it for you? We operate a Flexible Working Policy and we would like for you to work from our London ...

management aligned to ITIL best practice Technologies you'll need experience with: Microsoft 365 — Admin, Security, Compliance, Exchange and GDAP Microsoft Sentinel (SIEM/SOAR) and incident triage/response Microsoft 365 Defender — Defender for Endpoint and Defender for Office 365 Microsoft Entra & Intune — Conditional Access, LAPS, Configuration Policies Active ...

technical complexity into clear business outcomes Confidence presenting to both technical and non-technical stakeholders A solid understanding of modern security architectures, including SIEM, SOAR, and managed security services Exposure to advanced security domains such as DDoS protection, WAF, IAM, EDR, MDM, and vulnerability management Continuous learning is a core ...

engineering, cloud security, incident response, vulnerability management, and security architecture.Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted tooling … Monitor emerging threats and recommend improvements to security posture Technical EnvironmentThe team works across a modern cloud-first stack with exposure to: SIEM/SOAR platforms EDR/XDR tooling AWS cloud environments Identity & Access Management Vulnerability Management Security Automation & Scripting CSPM tooling AI-assisted security operations What ...

engineering, cloud security, incident response, vulnerability management, and security architecture.Key Responsibilities Design, implement, and improve security controls across cloud and enterprise infrastructure Enhance SIEM, SOAR, and EDR/XDR capabilities including alerting, tuning, and integrations Build intelligent detection and response workflows Develop automation solutions using scripting and AI-assisted tooling … Monitor emerging threats and recommend improvements to security posture Technical EnvironmentThe team works across a modern cloud-first stack with exposure to: SIEM/SOAR platforms EDR/XDR tooling AWS cloud environments Identity & Access Management Vulnerability Management Security Automation & Scripting CSPM tooling AI-assisted security operations What ...

Access, MFA, PIM/JIT, and Defender for Identity. Lead the automation of security operations using Sentinel Playbooks, Logic Apps, Power Automate, and advanced SOAR workflows. Drive proactive threat detection, email threat defence, and automated containment using MDO and Darktrace Email. Partner closely with GSOC, Incident Response, Threat Hunting … Microsoft Defender for Office 365, phishing protection, Safe Links/Attachments, automated email response, and Darktrace Email. 6. Security Automation & Engineering Strong experience developing SOAR workflows and automation pipelines using: Sentinel Playbooks, Azure Logic Apps, Power Automate, Graph Security API, KQL‐based automation Ability to document architectures, runbooks, and processes ...

detection efficacy, reducing false positives, and ensuring robust coverage against evolving threat landscapes. Key Responsibilities Design and implement detection use cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules … content in complex environments Strong documentation and stakeholder communication skills Desirable Relevant certifications such as Splunk Enterprise Security, GIAC GCDA, or similar Experience with SOAR platforms and automation workflows Background in threat hunting or incident response If you are a detection-focused cyber security professional who thrives on building high ...

Security Alerts, Security Incident Management, SIEM, Defender, Cofense, Azure, Email Security, Conditional Access Policies, User Authentication, EDR, Playbooks Security Assessment, Vulnerability Analysis, Risk Analysis, SOAR Type: Contract, Daily Rate Pay Rate: £300 - £400 per day (Inside IR35) Location: Remote (UK Only) Start: ASAP/Urgent Duration: 6-12 Months Cyber … Analyst will require strong hands-on experience with the Microsoft security stack (Entra, Defender, Sentinel) as well as exposure to email security, phishing and SOAR tooling. The Cyber Security Operations Analyst is able to work remotely (UK only) and will be required to work 12 hour shifts ...

OpenID Connect). Practical experience securing macOS, Windows and Linux endpoints using MDM and EDR/XDR tooling. Experience operating SIEM and/or SOAR platforms and tuning detection logic. Experience with vulnerability management and patch governance. Ability to write production-quality automation scripts. Demonstrated experience leading cross-functional technical … Access platforms. Hands on experience deploying applications into K8 and Docker environments Data Loss Prevention (DLP) and SaaS security governance. Advanced detection engineering or SOAR playbook development. Experience supporting ISO 27001 or SOC 2 audits. Relevant certifications (e.g. CISSP, CISM, GIAC). Workplace & Benefits At Deliveroo we know that people ...

security space. These include (but are not limited to): E nd-to-end management of EDR solutions at enterprise scale DLP & DSPM Automation/Security Orchestration Automation & Response (SOAR) Scripting (python, PowerShell , bash etc.) Security Information & Event Management (SIEM) content creation, data source on-boarding Strong verbal and written communication ...

operational efficiency Investigate security incidents and drive root cause analysis and remediation Implement and manage tools such as Microsoft Defender, Nessus, and SIEM/SOAR platforms Develop secure cloud templates and baseline configurations Partner with engineering teams to embed secure coding and DevSecOps practices Stay up to date with emerging … environments Deep understanding of Azure security, DevOps, and automation Hands-on experience with EDR/DLP tools (e.g. Microsoft Defender) Experience with SIEM/SOAR platforms Knowledge of frameworks such as ISO 27001, NIST, and CIS Strong troubleshooting and problem-solving skills Ability to manage multiple priorities in a fast ...