14 of 14 MITRE ATT&CK Jobs in the South East

reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced … experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security ...

error-free ingestion. Use Case & Detection Content Development Design, implement, test, and tune detection use cases based on attacker techniques (MITRE ATT&CK), threat intelligence, and risk appetite. Build correlation rules, anomaly-based detections, dashboards, and alerting workflows. Regularly review detection efficacy and reduce false … systems, Cloud platforms (Azure/AWS/GCP), identity systems, and endpoint protection technologies (e.g. SentinelOne and Microsoft Defender) Knowledge of MITRE ATT&CK, cyber kill chain, and threat hunting methodologies. Must Have Level 4 or higher qualification in a computing subject, or equivalent experience ...

reports for managed clients to both technical and non-technical audiences, Collaborate on improving detection rules and use cases aligned with Mitre Att&ck and threat-informed defense. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from … Farnborough. What you’ll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Understanding ...

continuously refine advanced SIEM detection logic, including rules, correlations and analytics. Research emerging threats, vulnerabilities and adversary TTPs, mapping them to MITRE ATT&CK to close detection and visibility gaps. Tune and validate detections to minimise false positives and deliver high-fidelity alerts … detection patterns. Confidence to own technical delivery end-to-end, driving work through to completion with minimal escalation. Expert knowledge of MITRE ATT&CK, with real-world application in detection engineering. A BSc in Computer Science, IT, or a related discipline. Solid scripting skills ...

continuously refine advanced SIEM detection logic, including rules, correlations and analytics. Research emerging threats, vulnerabilities and adversary TTPs, mapping them to MITRE ATT&CK to close detection and visibility gaps. Tune and validate detections to minimise false positives and deliver high-fidelity alerts … detection patterns. Confidence to own technical delivery end-to-end, driving work through to completion with minimal escalation. Expert knowledge of MITRE ATT&CK, with real-world application in detection engineering. A BSc in Computer Science, IT, or a related discipline. Solid scripting skills ...

guidance Design and support purple team exercises to enhance detection and response capabilities Simulate advanced attack scenarios using frameworks such as MITRE ATT&CK Produce high-quality technical reports for both technical and non-technical stakeholders Mentor junior team members and promote security testing best … years of hands-on penetration testing experience across network, web, cloud, internal, red team, or purple team environments Excellent knowledge of: MITRE ATT&CK OWASP Threat modelling Attack surface analysis Experience with automated, dynamic, and static security testing tools Knowledge of regulatory frameworks including GDPR ...

pipelines, including log ingestion, enrichment and schema standardisation. Develop and tune security detection content, translating threat intelligence and TTPs aligned to MITRE ATT&CK into actionable, high-value alerts. Manage the full detection content lifecycle: design, test, deploy, monitor, tune and retire, using version control … Strong hands-on knowledge of SIEM engineering, including indexing, parsing, onboarding and performance tuning. Experience designing and optimising detection content, including MITRE ATT&CK-aligned use cases and alert tuning to reduce noise. Good understanding of data pipeline engineering, log enrichment, data quality and large ...

Required Experience & Skills 2–4 years’ experience in a SOC, CSIRT, or cyber defence environment Strong understanding of attack frameworks (e.g. MITRE ATT&CK, Cyber Kill Chain) Hands-on experience with SIEM and EDR tools (e.g. Microsoft Sentinel, Splunk, CrowdStrike, Defender) Experience in incident triage ...

effective security controls aligned with business requirements using a risk-based approach. Familiarity with application attack tactics and techniques, including the MITRE ATT&CK framework, and security maturity models such as OpenSAMM and C2M2. Strong working knowledge of recognised security frameworks and standards, including NIST ...

experience with CrowdStrike (Falcon) Advanced Splunk (SPL + Enterprise Security) expertise Solid understanding of networks, cloud (AWS/Azure), and MITRE ATT&CK Bonus: Vulnerability Assessment and Pen Testing experience MUST HAVE LOCAL GOVERNMENT EXPERIENCE Certifications (desirable): Splunk Certified Cybersecurity Defense Engineer (highly preferred) CrowdStrike ...

used Microsoft Sentinel , that’s a major win). Threat Knowledge: A solid grasp of common attacker techniques (MITRE ATT&CK framework knowledge is highly regarded). Microsoft Ecosystem: Familiarity with Microsoft Defender for Endpoint/Identity or Azure security tools. The "Investigator" Mindset ...

current to target state, identifying required capabilities, technology changes, dependencies, risks, and timelines. Expertise performing data-focused threat modelling (e.g. STRIDE, MITRE ATT&CK, DREAD) to identify risks and recommend architectural mitigations. Excellent advisory skills with the ability to provide architectural governance, extend standards where ...

escalation point for Tier 1, owning investigations end-to-end triaging SIEM and EDR alerts, leading incident response, hunting threats using MITRE ATT&CK, and tuning detections to cut noise click apply for full job details ...

cloud, and red/purple team engagements • Strong knowledge of penetration testing tools, techniques, and methodologies • In-depth understanding of MITRE ATT&CK framework and adversarial TTPs • Proven ability to identify, validate, and clearly articulate vulnerabilities and risk • Experience producing high-quality reports with clear ...

cloud, and red/purple team engagements • Strong knowledge of penetration testing tools, techniques, and methodologies • In-depth understanding of MITRE ATT&CK framework and adversarial TTPs • Proven ability to identify, validate, and clearly articulate vulnerabilities and risk • Experience producing high-quality reports with clear ...

cloud, and red/purple team engagements • Strong knowledge of penetration testing tools, techniques, and methodologies • In-depth understanding of MITRE ATT&CK framework and adversarial TTPs • Proven ability to identify, validate, and clearly articulate vulnerabilities and risk • Experience producing high-quality reports with clear ...