1 to 25 of 28 SOAR Jobs

as they occur as part of an incident response team. • Implement metrics and dashboards to give visibility of the Enterprise infrastructure. • Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. • Produce documentation to ensure the repeatability and standardisation of more »

as they occur as part of an incident response team. • Implement metrics and dashboards to give visibility of the Enterprise infrastructure. • Use of the SOAR platform to assist with playbook automation and case management capabilities to streamline team processes and tools. • Produce documentation to ensure the repeatability and standardisation of more »

a coaching capacity Work with other teams within BAE to improve services on the basis of customer needs. Produce new workflows for automation into SOAR tools for common attack types. Continually improve the service and review use cases and propose changes and enhancements in line with the changing threat. Requirements more »

anomalous activity. Incident Response: Lead the response to high-severity security incidents, providing senior-level response activities and ensuring effective remediation and recovery actions. Security Orchestration, Automation, and Response (SOAR): Support and develop the SOAR platform, creating new workflows for automated responses to common attack types. Digital Forensics: Conduct forensic … of advanced threat hunting and incident response. Experience in log correlation, forensics investigations, and compliance with regulatory frameworks. Proficiency in security technologies including SIEM, SOAR … EDR, IDS/IPS, and behavioural analytics. Knowledge of adversarial tactics, techniques, and industry-standard frameworks like Mitre ATT&CK. Deep understanding of SIEM and SOAR solutions, Identity and Access Management, and Data Loss Prevention technologies. Experience in developing incident response playbooks, SOAR, and conducting red-team exercises. If you more »

Monitoring Incident Response Detection Engineering Malware Analysis (Static and Dynamic) Threat Hunting and Threat Intelligence (MITRE ATT&CK) Cloud Security Penetration Testing Security Automation (SOAR) Qualifications: Knowledge and experience in the following: SIEM Tools Vulnerability Management EDR Software Intrusion Detection/Prevention Systems Web Proxies Network Security & Firewalls Programming – Nice more »

confidential investigations with discretion Ability to multi-task and prioritize workload Familiarity with PowerShell, Python and/or SQL is a plus Familiarity with security orchestration, automation and response (SOAR) is a plus more »

quick, informed decisions under pressure. Relevant certifications such as GIAC, or Microsoft certifications would be advantageous. Any experience with SOC Prime, Carbon Black, and SOAR would be advantageous. Hybrid based - 2 days per week expected in their Warrington office. Paying up to 70k, depending on experience. As this is a more »

and applications in threat intelligence, with knowledge of how to conduct analyses within SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) platforms. Strong foundation in cybersecurity principles, practices, and technologies, including data management specific to cybersecurity applications. Relevant certifications such as CISSP, GCIH, or Google … Cloud Professional Security Engineer are desirable. Skills in data onboarding, quality control, and ensuring high-quality, non-duplicative data for SIEM and SOAR platforms. Preferred Qualifications Include: Master's degree in Cybersecurity, Computer Science, or related field preferred Advanced certifications such as CISSP, CISM, OSCP, and GWAPT. Experience with machine more »

cyber security systems and tooling • Reasonable knowledge of Security Information and Event Management systems • Reasonable knowledge of Firewall systems (Fortigate essential) • Foundational knowledge of Security Orchestration, Automation and Response (SOAR) systems • Good knowledge of common operating systems (Windows, Mac, Linux) • Good knowledge of networking and network equipment • Relevant certifications such more »

have experience across: Security principles, techniques, and protocols Endpoints, servers, infrastructure and networking technologies Experience in supporting security systems, including vulnerability management, SIEM, DLP,SOAR, EDR solution, Network Firewalls etc The client is based in London, however will consider candidates on a remote basis. Sound interesting? Click apply now and more »

work in a small high performing team, collaborating with other technical resources whilst aligning to the security strategy. Technical knowledge and experience with SIEM, SOAR, IDPS, DDoS, Malware Protection, Vulnerability Management, and Application Security tooling, etc. Knowledge of Information Security frameworks (CIS, NIST, NCSC CAF), supporting processes and toolsets. Ability more »

define the technology, policies and practices used to protect the company and its clients. You’ll work to implement the Splunk monitoring solution and SOAR and you’ll be able to work across vulnerability detection, infrastructure management, Web and Mobile Application Security, DevSecOps and many other areas – A Very varied more »

and protocols Detailed technical knowledge related to endpoints, servers, infrastructure and networking technologies Strong experience in supporting security systems, including vulnerability management, SIEM, DLP,SOAR, EDR solution, Network Firewalls etc. Working knowledge of IT processes (i.e., ITIL) including incident, problem, defect, change and release management The Cyber Security IT Analyst more »

Cyber Assessment Framework (CAF) and ISA/IEC 62443, ISO/IEC 27001/27002, and GDPR. Working knowledge of security technologies including SIEM, SOAR, EDR, AV, IDS/IPS, NAC, AD, DLP, Web Filtering, Email Filtering, Behavioural Analytics. Knowledge of adversarial tactics, techniques, procedures (TTPs) and industry standard frameworks more »

one or more of the following: Public Cloud technologies, including experience with Azure (or similar) Endpoint Security technologies SIEM products Automation technologies such as SOAR Virtualisation Microsoft security stack more »

within Secuirty Engineering · Understanding of Security Operations · Experience with security toolsets such as (but not limited to) SIEM, cloud security (zero trust, CASB ect), SOAR, CVM tools. Desirable skills: · Experience with using Zscaler · Experience with using CrowdStrike. · Experience with using Qualys CVM. If you are ready to take the next more »

security experience with a strong understanding of security concepts, principles and best practice You're experienced with security tools and technologies e.g. Splunk, SIEM, SOAR, EDR, NDR You have a good knowledge of Linux and associated scripting languages e.g. Python, bash, PowerShell You have an infrastructure/systems engineering background more »

security toolsets as required for the role Continuously work towards organisational, departmental, and individual objectives and uphold security standards and principles Supporting SIEM and SOAR technologies Provide ongoing management and administration of Cyber Security solutions Provide support to projects delivering and implementation of Cyber Security solutions Provide guidance and support more »

Experience of CISSP, SSCP, CRISC or CGEIT would be beneficial Experience as a MS Azure Cloud Architect or Engineer is preferred Working knowledge of SOAR concepts and toolsets Authoritative understanding of data communications and information systems hardware, software, and design principles such as VPN, segmentation, WAF, access control, CASB. Working more »

Experience of CISSP, SSCP, CRISC or CGEIT would be beneficial Experience as a MS Azure Cloud Architect or Engineer is preferred Working knowledge of SOAR concepts and toolsets Authoritative understanding of data communications and information systems hardware, software, and design principles such as VPN, segmentation, WAF, access control, CASB. Working more »

the technology, policies and practices used to protect the company and its clients. You’ll drive the implement of a Splunk monitoring solution and SOAR and you’ll be able to work across vulnerability detection, infrastructure management, Web and Mobile Application Security, DevSecOps and many other areas - A key and more »

by design. Other essentials: Background that covers cyber technology, security operations, incident response, architecture, and training. Experience in implementing technology such as SIEM, XDR, SOAR, etc. Background in Financial Services or other regulated industries (desired) Experience in leading through leaders and developing an internal capability Good soft skills, and the more »

need: · Extensive experience of working within a SOC or adjacent role. · Experienced in responding to cyber incidents. · Conversant with common security tooling (E.g., SIEM, SOAR, EDR, NDR). · Understanding of threat actors, their tactics, techniques, and procedures. · Understanding of security event data, the value of different data sources and tools more »

the charge in designing and implementing robust security controls. 🚀 What You'll Do: Optimise the Security Operations platform across endpoints, networks, and clouds. Spearhead Security Orchestration Automation and Response (SOAR) initiatives. Drive Security Data & Analytics with next-gen detection logic and analytics. 🎯 Essential Skills: Proven cyber security experience. Proficiency in … supporting security tools like SOAR, SIEM, EDR, NGFW, and more. Industry certifications (CISSP/CCSP, CEH, etc.) or equivalent expertise. Hybrid environment expertise with Azure or AWS certifications as a bonus. Scripting prowess for automation and API interaction. Familiarity with microservices, Kubernetes, CI/CD pipelines, and DevSecOps principles. Ready more »

and managing Fortinet FortiAnalyzer. • Provide guidance to Infrastructure and Product teams on securing Microsoft 365 and Azure cloud services. • Establish and manage SIEM and SOAR capabilities using Azure Logic Apps or equivalents. • Enhance the usage and support of Entra ID (previously Azure AD) for IAM, Identity Governance, and PIM. • Document … with enhancing security in Azure Landing Zones (e.g., Key Vault, NSGs, WAF). • Experience with Microsoft Entra ID, including identity governance. • Proficiency in using SOAR tooling, automating security operations, and policy as code. • Ideally, experience in securing GitHub or similar platforms. • Ideally, experience in securing data platforms (e.g., Databricks, Snowflake more »