… Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls). Skilled in incident response and threat intelligence analysis. Familiarity with the MITRE ATT&CK framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. Able to provide mentorship and leadership within a SOC team. Desirable (Nice-to-Have … SIEM platforms (Microsoft Sentinel, Splunk). Leading incident response and driving improvements in detection and containment strategies. Tuning and maintaining detection rules, using threat frameworks like MITRE ATT&CK. Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre. Staying abreast of cyber threat developments and contributing to …
Gosport, Hampshire, South East, United Kingdom Hybrid / WFH Options
Walsh Employment
… Sentinel and Splunk. Solid understanding of network protocols and infrastructure (e.g. TCP/IP, VPNs, firewalls). Skilled in incident response and threat intelligence analysis. Familiarity with the MITRE ATT&CK framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. Able to provide mentorship and leadership within a SOC team. Desirable (Nice-to-Have … advanced SIEM platforms (Microsoft Sentinel, Splunk). Leading incident response and driving improvements in detection and containment strategies. Tuning and maintaining detection rules, using threat frameworks like MITRE ATT&CK. Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre. Staying abreast of cyber threat developments and contributing to best practices …
… Falcon platform. Scripting experience in Python, PowerShell, or Bash. Experience with REST APIs and JSON for tool integration. Working knowledge of incident response frameworks and MITRE ATT&CK. Strong problem-solving, critical thinking, and communication skills. Desirable Qualifications: Experience with CI/CD for playbook development and version control (e.g., Git). Familiarity with other SOC …
… infrastructure. Ideally, you'll bring experience or knowledge in the following areas: Familiarity with key security frameworks like NIST 800-53, ISO 27001, CIS Controls, and MITRE ATT&CK. Understanding of information risk management and how to align security controls with business needs. Hands-on experience with network infrastructure, including switches, routers, firewalls, VPNs …
… on how to tailor reports to show improvements and learnings. In-depth understanding of modern attack techniques and flows. Clear and demonstrable understanding of NIST and MITRE ATT&CK methodologies. Experience in cloud environments (ideally Azure). Strong communication skills with evidence of being in a position responsible for taking feedback from technical teams and turning … related qualifications (e.g. SANS 504). At least 3 years of experience working in an Incident Response position. Experienced in responding to global, complex security events. Experienced in using NIST or MITRE frameworks to deploy defensive plans and/or actions. Experience explaining the risk of security threats and creating mitigations. Experience of general IT infrastructure technologies and principles. Experience of …
… Perl/PowerShell. Experience collaborating with legal, compliance, and business continuity teams during major incidents. Familiarity with frameworks such as NIST 800-61, ISO 27035, or MITRE ATT&CK for incident response planning and execution. GIAC certification (GCFE/GCFA/GREM/GNFA/GCIA/GMON). Certification in Azure/AWS/GCP …
Staines-upon-Thames, Middlesex, England, United Kingdom Hybrid / WFH Options
Bupa UK
… threat intelligence. Experience in cybersecurity, with extensive experience in Threat Management and defensive security practices. Excellent knowledge of threat frameworks (e.g., Lockheed Martin Cyber Kill Chain, MITRE ATT&CK, the Diamond Model, etc.) in an offensive or defensive role. Familiarity with industry regulations and compliance standards related to cybersecurity. Experience of Threat Management in …
… Azure AD, LDAP, IdP (identity providers). Email authentication (SPF, DKIM, DMARC). Networking and protocols such as DNS, LDAP, HTTP. Experience with security standards and frameworks such as ISO, MITRE and/or NIST. CISSP, CCSP or other industry certification is beneficial. In addition to the above, if you have a consultative approach to problem solving and/or …
… line management to SOC Analysts. Enhancing team knowledge across SOC tooling, detection methodologies, and threat triage. Analysing and optimising detection rules and use cases based on MITRE ATT&CK. Maintaining detailed and up-to-date incident documentation, findings, and mitigation strategies. Acting as a representative of the SOC in key meetings and internal stakeholder engagements … a Security Operations Centre (SOC) environment. Qualified at SOC Level 2. Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk. Knowledge and use of the MITRE ATT&CK framework for detection and threat analysis. Experience of static malware analysis and reverse engineering (desirable). Scripting or programming with Python, Perl, Bash, PowerShell or C++ (desirable) …
London, South East, England, United Kingdom Hybrid / WFH Options
Xpertise Recruitment Ltd
… AWS). Expertise in vulnerability management, incident response, and cyber risk triage. Strong understanding of cloud security principles and the shared responsibility model. Familiarity with frameworks like MITRE ATT&CK and Zero Trust architectures. Confident communicator, able to translate technical risk for executive audiences. Proven ability to lead cross-functional meetings and remediation efforts. Preferred Certifications …
Farnborough, Hampshire, South East, United Kingdom
Sopra Steria Limited
… and recommended mitigation strategies. What you will bring: Experience in a Security Operations Centre. Demonstrable experience of managing Microsoft Sentinel or Splunk implementations. Knowledge and experience with the MITRE ATT&CK framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise antivirus products. Deep technical knowledge in the analysis of …
Employment Type: Permanent
Salary: 25 days holidays, 6% Contributory pension, 4 x life Insurance
Chatham, Kent, United Kingdom Hybrid / WFH Options
Tilt Recruitment
… DevSecOps, IaC (Terraform), CI/CD pipelines, and tools like Veracode, Trivy, and Checkov. Familiarity with standards such as CIS, NIST, GDPR, ISO and frameworks like MITRE ATT&CK. Strong programming/scripting skills (Python, Go, Groovy) with a clean, secure coding ethos. Ideal Candidate Profile: Expert in Azure cloud security services (Defender for Cloud, Azure Sentinel …
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Walsh Employment
… Operations Centre (SOC) environment. Previous people management or line management experience. Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk. Knowledge and use of the MITRE ATT&CK framework for detection and threat analysis. In-depth understanding of: client-server applications and multi-tier web environments; relational databases, firewalls, VPNs, enterprise antivirus solutions; networking … capability and supporting career progression. Enhancing team knowledge across SOC tooling, detection methodologies, and threat triage. Analysing and optimising detection rules and use cases based on MITRE ATT&CK. Maintaining detailed and up-to-date incident documentation, findings, and mitigation strategies. Acting as a representative of the SOC in key meetings and internal stakeholder engagements …
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Sopra Steria Limited
… Line management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with MITRE ATT&CK and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within partner meetings. Ability … in a Security Operations Centre. People management experience to help develop analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with the MITRE ATT&CK framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise antivirus products. Good understanding of networking principles including TCP …
Employment Type: Permanent
Salary: 25 days holidays, 6% Contributory pension, 4 x life Insurance
… documentation, including reports, analysis, and mitigation strategies. Qualifications and experience: Experience working in a Security Operations Centre. Managing Microsoft Sentinel and Splunk implementations. Knowledge of the MITRE ATT&CK framework. Understanding of client-server applications, web applications, databases, firewalls, VPNs, and antivirus products. Expertise in log data analysis and intrusion detection systems. Strong networking knowledge …
… years in penetration testing (network, web, cloud, etc.). Mastery of tools like Burp Suite, Metasploit, Cobalt Strike, Nmap. Deep knowledge of OWASP Top 10, MITRE ATT&CK, and exploitation techniques. Strong communication skills (you'll explain risks to both tech & non-tech stakeholders). Certifications like OSCP, eCPPT, CREST CPSA/CRT, or similar. Bonus …
… securing workloads and using Azure Sentinel & Defender. Proficiency in Nexpose or Qualys. Managing complex, global security incidents (e.g., ransomware, data breaches). Using NIST 800-61 or MITRE ATT&CK to structure incident response strategies. Python, PowerShell, or SOAR platforms to improve efficiency. Familiarity with GDPR, PCI-DSS, and financial regulations (e.g., FCA, PRA rules) would …
London, South East, England, United Kingdom Hybrid / WFH Options
Goodman Masson
… For: Experience in IT security or within a SOC/NOC environment. Strong knowledge of Microsoft Defender, EDR, and network architecture. Understanding of security frameworks (e.g., MITRE ATT&CK, NIST, ISO 27001). Excellent communication and teamwork skills. Relevant certifications (e.g., Sec+, OSCP, CISA) are a plus.
London, South East, England, United Kingdom Hybrid / WFH Options
SR2
Strong understanding of OWASP Top 10, CVSS, and secure coding principles. Experience with tools such as Burp Suite, Nmap, Metasploit, Kali, and custom scripts. Familiarity with MITRE ATT&CK, red teaming methodologies, and reporting best practices. Highly Desirable: CHECK, CREST, OSCP, or CRTO certifications. Experience working in or alongside UK Government or regulated sectors. Strong …
Gillingham, Brompton, Medway, Kent, United Kingdom Hybrid / WFH Options
Tilt Recruitment
… DevSecOps, IaC (Terraform), CI/CD pipelines and tools like Veracode, Trivy and Checkov. Familiarity with standards such as CIS, NIST, GDPR, ISO and frameworks like MITRE ATT&CK. Strong programming/scripting skills (Python, Go, Groovy) with a clean, secure coding ethos. Microsoft Azure Security Engineer Associate or AWS equivalent is essential, along with Cyber Essentials …
… and CI/CD orchestration tools. Strong understanding of common security vulnerabilities and threats specific to AI/ML, including adversarial attacks, prompt injection, data poisoning and the MITRE ATLAS framework. Hands-on experience using security assessment and threat modelling tools and techniques to evaluate AI/ML systems and identify potential security weaknesses. Familiarity with current and …
… strategically and tactically. We're looking for candidates with experience in: Managing global security incidents at scale. Vulnerability management and remediation programs. Frameworks like NIST and MITRE ATT&CK. Cloud security (Azure preferred). Reporting and communicating with both technical teams and senior stakeholders. Comfortable working closely with senior stakeholders and C-suite leadership. Details: Location …
… reporting abilities. Familiarity with risk management frameworks (ISO 3100X, NIST 800 series, ENISA, EBIOS, OCTAVE, FAIR). Preferred: Background in information security and security frameworks (e.g., MITRE ATT&CK, ISO 2700X). Experience working in multinational environments. Knowledge of AI governance or ethics is a plus. Please apply with your CV in the first instance.