1 to 25 of 51 MITRE ATT&CK Jobs in the South East

scripting tools in cloud environments is a plus Cloud Security skills (desired): Secure software development practices, including SecDevOps Sound knowledge of applicable frameworks & standards, including OWASP, MITRE ATT@CK & D3FEND, CIS, NIST CSF, CSA CCM & ISO 27107 Relevant industry certifications including CSCP Understanding of cyber risk frameworks or industry standards such as 800-53, ISO … among others Sound knowledge of applicable laws, compliance regulations, and industry standards as it relates to privacy, security, and compliance Sound knowledge of applicable frameworks, including MITRE ATT@CK & D3FEND, CIS, NIST CSF, CSA CCM Strong communication and presentation skills Cyber Risk Management skills (desired) : Experience in threat modelling & application security risk assessments, secure software More ❯

scripting tools in cloud environments is a plus Cloud Security skills (desired): Secure software development practices, including SecDevOps Sound knowledge of applicable frameworks & standards, including OWASP, MITRE ATT@CK & D3FEND, CIS, NIST CSF, CSA CCM & ISO 27107 Relevant industry certifications including CSCP Understanding of cyber risk frameworks or industry standards such as 800-53, ISO … among others Sound knowledge of applicable laws, compliance regulations, and industry standards as it relates to privacy, security, and compliance Sound knowledge of applicable frameworks, including MITRE ATT@CK & D3FEND, CIS, NIST CSF, CSA CCM Strong communication and presentation skills Cyber Risk Management skills (desired) : Experience in threat modelling & application security risk assessments, secure software More ❯

and tuning detection rules and use cases in SIEM and EDR platforms Monitoring and investigating security alerts to identify potential threats Conducting proactive threat hunting using MITRE ATT&CK and threat intelligence sources Collaborating with incident response teams to support investigations and containment Enhancing detection coverage across network, endpoint, cloud, and identity sources Developing automation … detection rule development using query languages (e.g. ESQL, KQL, Lucene), and practical understanding of log sources across network, endpoint, cloud, and identity platforms Solid knowledge of MITRE ATT&CK, threat actor tactics, and experience in incident detection, triage, and analysis within a SOC or similar environment Desirable Criteria Exposure to cloud security monitoring (AWS, Azure More ❯

and tuning detection rules and use cases in SIEM and EDR platforms Monitoring and investigating security alerts to identify potential threats Conducting proactive threat hunting using MITRE ATT&CK and threat intelligence sources Collaborating with incident response teams to support investigations and containment Enhancing detection coverage across network, endpoint, cloud, and identity sources Developing automation … detection rule development using query languages (e.g. ESQL, KQL, Lucene), and practical understanding of log sources across network, endpoint, cloud, and identity platforms Solid knowledge of MITRE ATT&CK, threat actor tactics, and experience in incident detection, triage, and analysis within a SOC or similar environment Desirable Criteria Exposure to cloud security monitoring (AWS, Azure More ❯

of security projects for internal and customer environments, including troubleshooting and client interaction. Contribute to the development and improvement of detection rules and response workflows using MITRE ATT&CK and Cyber Kill Chain models. Deliver outstanding operational support, actively driving outcomes for customers. What You’ll Bring You bring curiosity, structure, and a hunger to … security fundamentals. Familiarity with Linux/Unix-based systems and basic scripting knowledge. Exposure to vulnerability management tools like Rapid7, Tenable, or Qualys. Understanding of the MITRE ATT&CK Framework and Cyber Kill Chain. Ability to communicate technical information clearly to both technical and non-technical audiences. Awareness of cloud computing, networking, firewalls and ITSM More ❯

of security projects for internal and customer environments, including troubleshooting and client interaction. Contribute to the development and improvement of detection rules and response workflows using MITRE ATT&CK and Cyber Kill Chain models. Deliver outstanding operational support, actively driving outcomes for customers. What You’ll Bring You bring curiosity, structure, and a hunger to … security fundamentals. Familiarity with Linux/Unix-based systems and basic scripting knowledge. Exposure to vulnerability management tools like Rapid7, Tenable, or Qualys. Understanding of the MITRE ATT&CK Framework and Cyber Kill Chain. Ability to communicate technical information clearly to both technical and non-technical audiences. Awareness of cloud computing, networking, firewalls and ITSM More ❯

of security projects for internal and customer environments, including troubleshooting and client interaction. Contribute to the development and improvement of detection rules and response workflows using MITRE ATT&CK and Cyber Kill Chain models. Deliver outstanding operational support, actively driving outcomes for customers. What You’ll Bring You bring curiosity, structure, and a hunger to … security fundamentals. Familiarity with Linux/Unix-based systems and basic scripting knowledge. Exposure to vulnerability management tools like Rapid7, Tenable, or Qualys. Understanding of the MITRE ATT&CK Framework and Cyber Kill Chain. Ability to communicate technical information clearly to both technical and non-technical audiences. Awareness of cloud computing, networking, firewalls and ITSM More ❯

Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP More ❯

activities by providing contextual intelligence and working alongside hunt team members Conduct threat modelling of threat actors, including their capabilities, motivations, and potential impact Leverage the MITRE ATT&CK framework to map threat actor behaviours and support detection engineering Develop and maintain threat profiles, attack surface assessments, and adversary emulation plans Collaborate with global stakeholders … intelligence platforms (TIPs), SIEMs, and threat data enrichment tools Experience using Breach and Attack Simulation (BAS) platforms Strong understanding of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and threat modelling Hands-on experience with penetration testing tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera Experience producing threat reports and More ❯

of updating and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs … BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

of updating and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs … BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

of updating and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs … BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

of updating and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs … BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

has a strong technical focus, centred on the collection, enrichment, automation, and analysis of adversary tactics, techniques, and procedures (TTPs) across the Unified Kill Chain and MITRE ATT&CK frameworks. You’ll also support strategic intelligence functions, acting as a backup point of contact when needed to ensure continuity of intelligence delivery across our global … content and operational playbooks would be a bonus. Skills You’ll Need: Advanced understanding of attacker tools, techniques, and procedures. Knowledge of security frameworks: OWASP, NIST, MITRE ATT&CK, Unified Kill Chain. Proficient in risk analysis and information systems best practices. Expertise in intelligence gathering and analysis tools, including OSINT. Strong knowledge of malware analysis More ❯

fundamentals. Excellent problem-solving skills and a passion for continuous improvement. Experience with SOAR platforms (e.g., Microsoft Sentinel Automation, Cortex XSOAR, Splunk SOAR). Knowledge of MITRE ATT&CK mapping and detection engineering frameworks. Infrastructure-as-Code experience (Terraform, Bicep, or ARM templates). Exposure to threat hunting, vulnerability management, or integrations with ServiceNow/ More ❯

years’ experience in a SOC, CSIRT, or cyber defence environment. Solid knowledge of SIEM and EDR platforms (Sentinel, Splunk, Defender, CrowdStrike, etc.). Understanding of MITRE ATT&CK and network/cloud security principles. Strong analytical and communication skills. Bonus points for: Scripting or automation experience (KQL, PowerShell, Python). Background in threat hunting or More ❯

CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS/IPS, NAC, DLP, and related security technologies. Familiarity with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO/IEC 27001/27002. Hands-on experience with tools such as FortiSIEM, Q-Radar, Microsoft Defender, Darktrace, Microsoft Sentinel, or similar More ❯

CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS/IPS, NAC, DLP, and related security technologies. Familiarity with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO/IEC 27001/27002. Hands-on experience with tools such as FortiSIEM, Q-Radar, Microsoft Defender, Darktrace, Microsoft Sentinel, or similar More ❯

functions to partner on incidents and to ensure all appropriate actions are being actioned and communicated Conduct advanced threat hunting by using threat intelligence and the MITRE ATT&CK framework to proactively identify suspicious activity in the environment. Ensure data accuracy within the case management system and others. When not actively responding to incidents, other More ❯

functions to partner on incidents and to ensure all appropriate actions are being actioned and communicated Conduct advanced threat hunting by using threat intelligence and the MITRE ATT&CK framework to proactively identify suspicious activity in the environment. Ensure data accuracy within the case management system and others. When not actively responding to incidents, other More ❯

functions to partner on incidents and to ensure all appropriate actions are being actioned and communicated Conduct advanced threat hunting by using threat intelligence and the MITRE ATT&CK framework to proactively identify suspicious activity in the environment. Ensure data accuracy within the case management system and others. When not actively responding to incidents, other More ❯

internal and client use. Maintain accurate incident records in JIRA Service Management. Detection Engineering Develop and implement new detection rules in Microsoft Sentinel aligned to the MITRE ATT&CK framework. Draft and optimise KQL queries for detection and threat hunting. Refine existing detection logic based on false positive analysis and threat evolution. Threat Intelligence & Enrichment More ❯

internal and client use. Maintain accurate incident records in JIRA Service Management. Detection Engineering Develop and implement new detection rules in Microsoft Sentinel aligned to the MITRE ATT&CK framework. Draft and optimise KQL queries for detection and threat hunting. Refine existing detection logic based on false positive analysis and threat evolution. Threat Intelligence & Enrichment More ❯

internal and client use. Maintain accurate incident records in JIRA Service Management. Detection Engineering Develop and implement new detection rules in Microsoft Sentinel aligned to the MITRE ATT&CK framework. Draft and optimise KQL queries for detection and threat hunting. Refine existing detection logic based on false positive analysis and threat evolution. Threat Intelligence & Enrichment More ❯

IOC blocking, malware scans, and user containment Threat monitoring and detection Threat intelligence and hunting SOAR and automation Skills MS Sentinel/Defender for Endpoint Understanding Mitre Att&ck framework Required 2+ years exp in a SOC environment Experience from MSSP/MSP supporting multiple clients British Citizen SC Clearance More ❯