
Security Architect

Job in Greater London, London, Greater London, W1B, England, UK
Listing for: Response Informatics
Contract position
Listed on 2026-02-24
Job specializations:
  • IT/Tech
    Systems Engineer, Cybersecurity, Security Manager
Job Description & How to Apply Below
Location: Greater London

Job Title:
Security Architect with SIEM & SOAR

Job Location:
London, UK (Onsite)

Job Type: Contract – Inside IR35

Job Description

We are seeking an experienced Security Architect to lead the design, deployment, and optimization of Palo Alto Cortex XDR across enterprise environments. The role requires deep expertise in SIEM and SOAR platforms, strong exposure to security automation, and hands‑on experience integrating with SIEM platforms for centralized monitoring and incident response.

The architect will drive advanced threat detection, automated response use cases, and SOC modernization initiatives while aligning security operations with best practices and zero‑trust principles.

Key Responsibilities
  • XDR Architecture & Strategy
    • Design and own the Cortex XDR architecture across endpoints, servers, and cloud workloads
    • Define XDR onboarding strategy for endpoints, network, and cloud telemetry
    • Establish detection, prevention, and response standards aligned with MITRE ATT&CK
    • Lead XDR roadmap, capacity planning, and platform optimization
  • Cortex XDR Implementation & Operations
    • Architect and deploy Palo Alto Cortex XDR:
      • Endpoint protection, behavioral analytics, and threat prevention
      • Incident correlation and root cause analysis
    • Tune detection policies, alert thresholds, and prevention profiles
    • Oversee agent deployment, upgrades, and performance optimization
  • Automation & SOAR
    • Design and implement security automation and response workflows
    • Integrate Cortex XDR with SOAR platforms (Cortex XSOAR preferred)
    • Develop automated playbooks for:
      • Alert triage and enrichment
      • Containment and remediation (endpoint isolation, user disablement, IOC blocking)
    • Leverage APIs, scripting, and integrations to reduce manual SOC effort
  • SIEM Integration & Monitoring
    • Integrate Cortex XDR with SIEM platforms (Splunk, Sentinel, QRadar, etc.)
    • Design log ingestion, normalization, and correlation use cases
    • Build dashboards and alerts for SOC visibility and executive reporting
    • Optimize signal-to-noise ratio across SIEM and XDR platforms
    • Define and validate advanced detection use cases
    • Lead threat hunting initiatives using XDR and SIEM telemetry
    • Support incident response investigations and post-incident reviews
    • Continuously improve detections based on emerging threats