5 of 5 Cyber Kill Chain Jobs in the Thames Valley

response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat modelling exercises using frameworks such as MITRE ATT&CK, STRIDE, and Cyber Kill Chain. Translate threat models into actionable detection use cases and SIEM rules. Prioritise detection engineering based on business risk and impact. Reporting & Collaboration Produce reports and dashboards … and normalisation. Proficiency in SIEM query languages such as KQL, SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of threat detection, incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration More ❯

response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat modelling exercises using frameworks such as MITRE ATT&CK, STRIDE, and Cyber Kill Chain. Translate threat models into actionable detection use cases and SIEM rules. Prioritise detection engineering based on business risk and impact. Reporting & Collaboration Produce reports and dashboards … and normalisation. Proficiency in SIEM query languages such as KQL, SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of threat detection, incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration More ❯

response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat modelling exercises using frameworks such as MITRE ATT&CK, STRIDE, and Cyber Kill Chain. Translate threat models into actionable detection use cases and SIEM rules. Prioritise detection engineering based on business risk and impact. Reporting & Collaboration Produce reports and dashboards … and normalisation. Proficiency in SIEM query languages such as KQL, SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of threat detection, incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration More ❯

work experience. 5+ years of experience in engineering and technology, preferably in Financial Services, Technology, or a related field. Experience analyzing cybersecurity incidents using industry standard frameworks such as Cyber Kill Chain and MITRE ATT&CK. Experience handling cybersecurity incidents at each stage of the incident lifecycle, including initial analysis, triage, containment, eradication, recovery, and postmortem. Strong More ❯

We make it, store it, move it, sell it, and mend it. An opportunity to play your part - Are you ready to be a key player in Centrica's cyber world? As a Global Security Operations Centre Analyst, you'll play a pivotal role in safeguarding our organisation's digital fortress. Your mission: monitor, detect, and respond to security … incidents with lightning speed, while crafting and implementing top-notch security measures to protect our systems and data. You'll collaborate closely with our cyber defence squads, ensuring we stay one step ahead of threats and continuously enhance our security landscape. If you're passionate about cybersecurity and eager to make a real impact, this is the adventure you … EDR, and other tools. Investigate and respond to security incidents, ensuring effective containment, remediation, and recovery while considering business requirements. Follow defined incident response processes and escalate to the Cyber Security Incident Response team when necessary. Develop and fine-tune detection rules, create and maintain detection playbooks, and collaborate with threat intelligence to identify new detection opportunities. Use automation More ❯