3 of 3 MITRE ATT&CK Jobs in Birmingham

using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate incidents, and improve detection mechanisms. Conduct adversary simulation exercises to test and … operations or on call. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat Intelligence Analysis Security Analytics & Automation (SOAR, YARA Rules, Sigma Rules) Malware Analysis & Reverse Engineering Network & Endpoint Security Monitoring (EDR, IDS/IPS More ❯

Perform advanced threat hunting and root cause analysis across cloud workloads, Kubernetes clusters, APIs, and user activity. Integrate external threat intelligence feeds, aligning TTPs with the MITRE ATT&CK framework. Drive continuous improvement by conducting regular purple team exercises and scenario-based tabletop tests. Cloud Security Engineering Work hands-on with GCP security controls, including … services, ideally under PCI-DSS, ISO 27001, or SOC 2. Strong Scripting or automation experience (Python, Terraform, Bash). Knowledge of threat modelling and attack frameworks (MITRE ATT&CK, Kill Chain). Familiarity with Kubernetes (GKE), container security, API hardening. Nice to Have Certifications such as: Google Professional Cloud Security Engineer CISSP, CISM, GCIH, or … GCIA Experience implementing Zero Trust Architecture in a cloud-native environment. Familiarity with OPA/Gatekeeper, Kubernetes Admission Controllers. Background in red teaming or adversary simulation (MITRE Caldera, Atomic Red Team). Experience working with BigQuery, Data Loss Prevention (DLP) tools, and Key Management Systems (KMS). Why This Role? Work directly with engineering, DevSecOps, and compliance leadership. More ❯

compliance with data protection regulations. Detection Rule Development: Ability to create, test, and optimise detection rules to identify suspicious activities and potential threats based on the MITRE ATT&CK Framework Performance Tuning with Elasticsearch and Logstash: Fine-tune query performance using Elasticsearch indices and mappings. Monitor Logstash pipelines and optimize resource utilization. Kibana Visualization and More ❯