4 of 4 MISP Jobs in the UK

technical stakeholders. Maintaining and updating incident documentation, analysis findings and recommended remediation actions. The technology you'll work with: Microsoft Sentinel Splunk MISP threat intelligence sharing Exposure to a broad range of enterprise and defence-grade security tooling What you'll bring: Proven experience working in a Security Operations ...

Operations Center with a technology-oriented attitude and the capacity to assume control. From a technical perspective we are using Microsoft Sentinel, Splunk and MISP Threat sharing so any knowledge of these technologies would be a substantial benefit. Role based on site in our Farnborough office and is shift ...

Carbon Black, SentinelOne, Microsoft Defender SOAR: Splunk Phantom, Palo Alto Cortex XSOAR, IBM Resilient Vulnerability Management: Qualys, Tenable, Rapid7 Threat Intelligence: Recorded Future, ThreatConnect, MISP Integration & Automation REST APIs and API integration Scripting: Python, PowerShell, Bash Automation tools: Ansible, Terraform, Jenkins Data formats: JSON, XML, CSV, Syslog, CEF Infrastructure & Networking ...

remediation workflows with engineering teams to close gaps in control coverage. Threat Intelligence & Attribution Oversee the correlation of internal telemetry with external feeds (e.g., MISP, Recorded Future, Microsoft TI). Map adversary TTPs using MITRE ATT&CK, and produce attribution matrices for major incidents. Track UK-relevant threats, including supply ...

campaigns Maintain adversary profiles using MITRE ATT&CK, Diamond Model and sector-specific threat frameworks Correlate internal security telemetry with external intelligence feeds (e.g. MISP, Recorded Future, ISACs, Microsoft TI) Operationalise STIX/TAXII feeds and enrich IOC/IOA pipelines for SOC and Incident Response teams Translate threat intelligence … Incident Response Strong working knowledge of MITRE ATT&CK and threat actor lifecycle analysis Hands-on experience with threat intelligence platforms such as MISP, Recorded Future, Anomali or similar Strong experience with Microsoft security tooling, ideally Sentinel and Defender Proficiency in KQL and working knowledge of Python for automation ...