1 to 25 of 40 Permanent MITRE ATT&CK Jobs in the North of England

response role Hands-on experience with Microsoft Sentinel (KQL, analytics rules, Logic Apps) Knowledge of Microsoft Defender XDR suite (Defender for Endpoint, Cloud, Identity) Understanding of MITRE ATT&CK, SIEM best practices, and security operations Strong analytical & communication skills (explaining risks to clients is key!) Bonus if you have: Microsoft certs (SC-200, SC More ❯

as a point of contact for intrusion analysis, forensics, and incident response queries. Managing ADHOC and regular products during capacity constraints. Knowledge of Cyber Kill Chain, MITRE ATT&CK, and developing new analytics and playbooks. Requirements Technical: 3+ years in Cyber Threat Intelligence, research, and investigation. Experience in incident response and management. Understanding of threats More ❯

sufficient quality for distribution In-depth knowledge of the various techniques and frameworks used within the Cyber Threat Intelligence Domain, Including the Cyber Kill Chain and MITRE ATT&CK Development of new analytics and playbooks that result in creation of new detection rules/analytics Requirements Technical 3+ years’ experience in Cyber Threat Intelligence, and More ❯

identify and contain threats. Perform proactive threat hunting using KQL within Microsoft Sentinel. Develop and fine-tune custom analytics rules, workbooks, and hunting queries. Apply the MITRE ATT&CK framework to build coverage and improve threat visibility. Onboard and integrate new data sources into Microsoft Sentinel, ensuring accurate log ingestion and parsing. Build and manage More ❯

sufficient quality for distribution In-depth knowledge of the various techniques and frameworks used within the Cyber Threat Intelligence Domain, Including the Cyber Kill Chain and MITRE ATT&CK Development of new analytics and playbooks that result in creation of new detection rules/analytics Requirements Technical 3+ years' experience in Cyber Threat Intelligence, and More ❯

off the cloud’ using Microsoft Graph API, app registrations, and managed identities. Ability to research and learn new tools and techniques quickly. Good understanding of the MITRE ATT&CK Framework. Strong knowledge of networking concepts and protocols (TCP/IP, UDP, DNS, DHCP, HTTP). Experience in Intrusion Analysis on Windows Devices and Azure Cloud More ❯

as use of Microsoft Graph API, app registrations and managed identities · Ability to quickly research and learn about new tools and techniques · Good working knowledge of MITRE ATT&CK Framework Good working knowledge of networking concepts & protocols (TCP/IP, UDP, DNS, DHCP, HTTP, etc.) · Intrusion Analysis on Windows Devices and Azure Cloud Architecture. · Relevant More ❯

Summary Threat Detection and Monitoring: Design, build, and own a formal threat hunting program with a strong emphasis on hypothesis-based hunting methodologies. Use threat intelligence, MITRE ATT&CK, and risk models to form hypotheses and validate them through structured hunts. Leverage Jupyter Notebooks and other tools to automate hunts, visualise results, and create reusable … have 3-5+ years of hands-on experience in Threat Hunting, Red Team, Blue Team, or Incident Response roles, with a deep understanding of the MITRE ATT&CK framework and a proven ability to detect and investigate advanced threats beyond signature-based solutions. Adept at leveraging Splunk for data analysis and detection development, they … you Minimum Requirements Minimum 3-5 + years of experience within a Threat Hunter, Red Team, Incident Response, or Blue Team role. Solid understanding of the MITRE ATT&CK framework, TTP analysis, and adversary emulation. Deep familiarity with hypothesis-driven threat hunting frameworks and methodologies. Ability to work autonomously while collaborating across security, engineering, and More ❯

KQL, analytics rule creation, playbook development, and connector integration. Solid grasp of the Microsoft Defender XDR suite (Defender for Endpoint, Cloud, Identity, etc.). Familiarity with MITRE ATT&CK , SIEM fundamentals, and security best practices. Confident communicator and problem-solver, capable of working both independently and in a team. Bonus Points For: Microsoft certs: SC More ❯

using the ITIL framework. Ability to keep up to date with technology trends and to understand key technical drivers in the industry. Strong understanding of the MITRE ATT&CK and NIST Cybersecurity frameworks. Additional Information Your impact on Radius will be rewarded with the opportunity to develop and progress your career in many directions. You More ❯

their purpose in a layered security approach alongside analysing their outputs for security anomaly detection. In-depth understanding of the cyber threat landscape, advanced adversary tactics, and the MITRE Attack Framework. Strong understanding of low-level concepts including operating systems, Active Directory, Windows and Linux server environments, alongside computer networking. Knowledge of cloud environments and SaaS applications such More ❯

gather and report threat intelligence, update detection rules and response playbooks, and collaborate across teams to improve security. You ll also track threat actor tactics using MITRE ATT&CK and assist with incident response and reviews. Key skills required: • 3+ years of experience in Security Operations, Threat Intelligence, or Incident Response roles • Proficient in analyzing More ❯

off the cloud' using Microsoft Graph API, app registrations, and managed identities. Ability to quickly research and learn new tools and techniques. Good working knowledge of MITRE ATT&CK Framework. Understanding of networking concepts and protocols (TCP/IP, UDP, DNS, DHCP, HTTP, etc.). Experience with intrusion analysis on Windows devices and Azure cloud More ❯

Strong understanding of log management (onboarding, parsing, retention strategies) Demonstrated ability to build and manage detection use cases aligned with evolving threats Familiarity with the MITRE ATT&CK framework and threat modeling Solid understanding of Windows, Linux, networking, and endpoint security Skilled in threat intelligence, digital forensics, and advanced incident handling Experience with SOAR platforms More ❯

off the cloud’ (e.g., Microsoft Graph API, app registrations, managed identities). Ability to research and learn new tools and techniques quickly. Good working knowledge of MITRE ATT&CK framework. Understanding of networking concepts and protocols (TCP/IP, UDP, DNS, DHCP, HTTP). Experience with intrusion analysis on Windows and Azure cloud architecture. Relevant More ❯

with Microsoft Sentinel, including KQL, custom analytic rules, and automation. Hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365. Strong knowledge of the MITRE ATT&CK framework, threat intelligence, and adversary TTPs. Solid understanding of Windows, Linux, and core network security principles. Skilled in incident response, digital forensics, and proactive threat hunting. More ❯

penetration testing, and incident response Requirements for this role: 3+ years' experience in a senior cyber security role Strong knowledge of security frameworks (NIST, NCSC, CIS, MITRE ATT&CK) Hands-on experience with security tools: SIEM, IDS/IPS, firewalls, endpoint protection Expertise in Azure security and securing cloud platforms A solid understanding of vulnerabilities More ❯

penetration testing, and incident response Requirements for this role: 3+ years' experience in a senior cyber security role Strong knowledge of security frameworks (NIST, NCSC, CIS, MITRE ATT&CK) Hands-on experience with security tools: SIEM, IDS/IPS, firewalls, endpoint protection Expertise in Azure security and securing cloud platforms A solid understanding of vulnerabilities More ❯

Microsoft Sentinel (KQL, custom rules, automation, dashboards) Strong hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365 Proficient in handling incidents aligned with MITRE ATT&CK framework Solid understanding of Windows and Linux systems, networking, and endpoint security Skilled in digital forensics, threat intelligence, and advanced incident handling Familiarity with SOAR platforms More ❯

Microsoft Sentinel (KQL, custom rules, automation, dashboards) Strong hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365 Proficient in handling incidents aligned with MITRE ATT&CK framework Solid understanding of Windows and Linux systems, networking, and endpoint security Skilled in digital forensics, threat intelligence, and advanced incident handling Familiarity with SOAR platforms More ❯

Strong reporting skills and ability to tailor reports to show improvements and learnings. In-depth understanding of modern attack techniques and flows. Understanding of NIST and MITRE ATT&CK Frameworks. Experience in cloud environments, ideally Azure. Strong communication skills, especially in translating technical feedback into improvements. Banking or finance industry experience is desirable. Security Incident … Management qualifications preferred, such as SANS 504. At least 3 years of experience in an Incident Response role. Experience responding to global security events. Experience using NIST or MITRE frameworks for defensive actions. Ability to explain security threats and create mitigations. Knowledge of IT infrastructure technologies and principles. Experience with vulnerability management tools like Nexpose, Qualys. Understanding of More ❯

is the role for you. Responsibilities: Analyzing security incidents using groundbreaking tools like Microsoft Sentinel and Splunk. Fine-tuning detection rules and strategies with frameworks like Mitre Att&ck to stay ahead of new threats. Crafting the future of our Security Operations Centre, ensuring we remain adaptable to new challenges. Skills/Must have: Proven … experience working in a Security Operations Centre. Hands-on experience with Microsoft Sentinel and Splunk. Familiarity with the Mitre ATT&CK framework. Strong understanding of networking fundamentals (TCP/IP, WANs, LANs, common Internet protocols). Knowledge of enterprise-grade security tools such as firewalls, VPNs, AV, IDS/IPS, and log management. Experience analyzing More ❯

this is the role for you. Responsibilities: Analyzing security incidents using tools like Microsoft Sentinel and Splunk. Fine-tuning detection rules and strategies with frameworks like MITRE ATT&CK to stay ahead of new threats. Contributing to the development of our Security Operations Centre to adapt to emerging challenges. Skills/Must have: Proven experience … working in a Security Operations Centre. Hands-on experience with Microsoft Sentinel and Splunk. Familiarity with the MITRE ATT&CK framework. Strong understanding of networking fundamentals (TCP/IP, WANs, LANs, common Internet protocols). Knowledge of enterprise-grade security tools such as firewalls, VPNs, antivirus, IDS/IPS, and log management. Experience analyzing log More ❯

corners - is hiring a Cyber Security Operations Engineer . If you're the kind of person who spots anomalies before SIEM alerts even pop, talks in MITRE ATT&CK when stressed, and dreams in hex - we want to hear from you. You’ll report to the Cyber Security Operations Manager and be part of the More ❯

capability. A keen interest in current cybersecurity developments, with awareness of emerging threats, attacker techniques, and known vulnerabilities. Working knowledge of industry recognized frameworks such as MITRE ATT&CK, and an understanding of key compliance requirements including ISO 27001 and Cyber Essentials Plus. Hands-on experience with Microsoft security technologies, particularly within Azure ecosystems, and More ❯