21 of 21 MITRE ATT&CK Jobs in the South East

of the customer environments. Prepare reports for managed clients to both technical and non-technical audiences, Collaborate on improving detection rules and use cases aligned with Mitre Att&ck and threat-informed defense. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from known threats. Collaborate with team … shifts from our office in Farnborough. What you’ll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Understanding of networking principles including TCP/ More ❯

operations and triage. Prepare reports for managed clients to both technical and non-technical audiences. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Represent the SOC within Stakeholders meetings. Ability to work in a hybrid approach from home and our Gosport office location. What youll … Experience in Security Operations Centre. People management experience to help develop Analysts and lead careers. Experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid ability to lead teams while staying hands-on with security operations. Strong influencing skills and ability to persuade others, with a broad understanding of More ❯

oversee security monitoring, incident response, and continuous improvement of SOC operations. You’ll work with cutting-edge technologies and frameworks, including Microsoft Sentinel, Splunk, and the MITRE ATT&CK framework, while mentoring and developing your team. Key Responsibilities: Lead and manage a team of SOC Analysts across shift operations. Monitor, triage, and investigate security incidents … For: Proven experience in a Security Operations Centre environment. Strong people management and mentoring skills. Hands-on experience with Microsoft Sentinel and Splunk. Familiarity with the MITRE ATT&CK framework. Solid understanding of networking principles and enterprise security tools. Desirable Skills: Experience in static malware analysis and reverse engineering. Scripting/programming skills (Python, Bash More ❯

activities by providing contextual intelligence and working alongside hunt team members Conduct threat modelling of threat actors, including their capabilities, motivations, and potential impact Leverage the MITRE ATT&CK framework to map threat actor behaviours and support detection engineering Develop and maintain threat profiles, attack surface assessments, and adversary emulation plans Collaborate with global stakeholders … intelligence platforms (TIPs), SIEMs, and threat data enrichment tools Experience using Breach and Attack Simulation (BAS) platforms Strong understanding of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and threat modelling Hands-on experience with penetration testing tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera Experience producing threat reports and More ❯

identify misconfigurations within the Bupa infrastructure that represent a potential security risk. You will also perform a leading role in designing test strategies based on the MITRE ATT&CK framework, using internal and external Threat Intelligence and your own knowledge and experience of corporate network environments. What you'll do: Reviewing and analysing findings from … to commit to and implement remediation strategies. Perform risk analysis on test data to ensure the most critical issues are addressed first, aligning with frameworks like MITRE ATT&CK and the Unified Kill Chain. Use threat intelligence to guide future assessments, ensuring testing is relevant to current controls and risks. Utilise BAS platforms and engage More ❯

has a strong technical focus, centred on the collection, enrichment, automation, and analysis of adversary tactics, techniques, and procedures (TTPs) across the Unified Kill Chain and MITRE ATT&CK frameworks. You’ll also support strategic intelligence functions, acting as a backup point of contact when needed to ensure continuity of intelligence delivery across our global … content and operational playbooks would be a bonus. Skills You’ll Need: Advanced understanding of attacker tools, techniques, and procedures. Knowledge of security frameworks: OWASP, NIST, MITRE ATT&CK, Unified Kill Chain. Proficient in risk analysis and information systems best practices. Expertise in intelligence gathering and analysis tools, including OSINT. Strong knowledge of malware analysis More ❯

SOC incident queues and support asset baseline maintenance. Prepare reports for technical and non-technical audiences. Collaborate on improving detection rules and use cases aligned with MITRE ATT&CK. Contribute to threat intelligence development and incident documentation. Shift Pattern: 2 days (6am–6pm), 2 nights (6pm–6am), followed by 4 days off. What We’re Looking For … Experience working in a Security Operations Centre. Familiarity with Microsoft Sentinel and Splunk. Understanding of the MITRE ATT&CK framework. Basic knowledge of networking, client-server applications, firewalls, VPNs, and antivirus products. Entry-level cybersecurity certification (e.g., CompTIA Security+, CEH, CPSA). Academic background in cybersecurity or a related subject. Desirable Skills: Programming/scripting More ❯

fundamentals. Excellent problem-solving skills and a passion for continuous improvement. Experience with SOAR platforms (e.g., Microsoft Sentinel Automation, Cortex XSOAR, Splunk SOAR). Knowledge of MITRE ATT&CK mapping and detection engineering frameworks. Infrastructure-as-Code experience (Terraform, Bicep, or ARM templates). Exposure to threat hunting, vulnerability management, or integrations with ServiceNow/ More ❯

event hubs. Engineer detection content: write, test, and tune KQL analytics, scheduled rules, UEBA policies, MSTIC notebooks, watchlists, and hunting queries that map to industry frameworks (MITRE ATT&CK). Build incident response playbooks and SOAR automation with Logic Apps to enrich, correlate, contain, notify, and ticket, reducing MTTD/MTTR and false positives. Run More ❯

years’ experience in a SOC, CSIRT, or cyber defence environment. Solid knowledge of SIEM and EDR platforms (Sentinel, Splunk, Defender, CrowdStrike, etc.). Understanding of MITRE ATT&CK and network/cloud security principles. Strong analytical and communication skills. Bonus points for: Scripting or automation experience (KQL, PowerShell, Python). Background in threat hunting or More ❯

Write and fine-tune Kusto Query Language (KQL) queries to analyse and visualise raw security data. Integrate third-party tools (firewalls, IAM, telemetry) into Sentinel. Use MITRE ATT&CK to anticipate and counter adversarial activity. Apply cost-optimisation principles (data tiering, filtering). Collaborate with security architects to improve internal policies and ISO 27001 alignment. More ❯

vulnerability scanning. Understanding of IT and cyber security frameworks, standards, and regulations (examples: ISO27001, NIS2, GDPR, and CAF). Understanding of the Cyber Kill Chain and MITRE ATT&CK frameworks. Ability to collaborate effectively with various internal and external stakeholders. Relevant certifications such as Microsoft Security Operations Analyst (SC-200) or Azure Security Engineer (AZ More ❯

vulnerability scanning. Understanding of IT and cyber security frameworks, standards, and regulations (examples: ISO27001, NIS2, GDPR, and CAF). Understanding of the Cyber Kill Chain and MITRE ATT&CK frameworks. Ability to collaborate effectively with various internal and external stakeholders. Relevant certifications such as Microsoft Security Operations Analyst (SC-200) or Azure Security Engineer (AZ More ❯

detection, prevention, and response methodologies Hands-on experience with EDR, email security, and web security solutions Knowledge of security frameworks such as NIST, ISO 27001, and Mitre ATT&CK Relevant Microsoft certifications such as SC-200 and AZ-500 are highly desirable Familiarity with web security tooling such as web proxies, DNS filtering, and Cisco More ❯

etc.). Understanding of Azure/AWS cloud and network fundamentals. Desirable: Experience with SOAR tools or Infrastructure-as-Code (Terraform, Bicep, ARM). Knowledge of MITRE ATT&CK mapping or threat detection frameworks. What’s in it for you: Flexible hybrid working, paid certifications, great progression into consultancy or leadership, and a genuinely collaborative More ❯

enhance security detection content primarily for the Splunk SIEM, to enable the detection of threats across diverse platforms (e.g. cloud, endpoints, and networks) · Use frameworks like MITRE ATT&CK to map detection rules and maximise threat coverage · Use analytical platforms to query high volume datasets to identify trends and spot unusual behaviours, indicative of malicious More ❯

MS Security Operations Analyst or AZ-500 Azure Security Engineer Associate Knowledge of cloud security principles and technologies Strong understanding of security frameworks (NIST, ISO 27001, Mitre ATT&CK) Knowledge of web security tooling such as web proxy, DNS filtering and similar (e.g. Cisco Umbrella) Previous experience as a Security Analyst or in a SOC More ❯

2nd line or similar). Strong hands-on experience in threat investigation, log analysis, and remediation . Good understanding of common security frameworks and practices (e.g., MITRE ATT&CK, NIST, ISO 27001). Familiarity with a range of security tools and platforms – experience with Microsoft Sentinel is desirable but not essential. Excellent communication skills – able More ❯

etc.). Are proficient in KQL (Kusto Query Language) and Azure Logic Apps. Have experience with security automation and orchestration tools (SOAR). Are familiarity with MITRE ATT&CK framework and threat detection methodologies. Scripting skills (PowerShell, Python) for automation and integration. What's in it for me? £competitive salary + benefits Who you'll More ❯

strategies (e.g., Zscaler, Cisco Umbrella, Infoblox) and their role in threat containment Deep knowledge of Zero Trust Architecture, lateral movement prevention, and alignment to frameworks like MITRE ATT&CK and NIST CSF Excellent communication skills with the ability to influence technical and business stakeholders across all levels of an organization Experience supporting RFP/RFI More ❯

high-volume, real-world attack telemetry. 2+ years' experience specifically in a Threat Intelligence function. Familiarity with threat actor tracking, vulnerability databases, and frameworks such as MITRE ATT&CK . Strong data analysis skills, ideally using the ELK stack (OpenSearch, Logstash, Kibana) . Intermediate proficiency in Python , capable of automating workflows and developing custom analysis More ❯