1 to 25 of 38 MITRE ATT&CK Jobs in England

/XDR, cloud, identity, and network data sources. - Apply a threat-led approach, developing detections mapped to adversary tradecraft using the MITRE ATT&CK framework, the Cyber Kill Chain, and the Diamond Model. - Rapidly create new detections in response to emerging threats, Cyber Threat Intelligence … incident or hunt findings. - Contribute to the detection library, ensuring detections are version-controlled, documented, tested, and mapped to MITRE ATT&CK coverage. - Tune and optimise existing detections to reduce false positives and continuously improve fidelity. - Practise Detection-as-Code, using Git-based workflows, peer ...

within the team. Demonstrable experience leading cyber security incident response (incident command), from detection through containment and remediation. Working knowledge of MITRE ATT&CK and at least one recognised control framework (ISO 27001, CIS or NIST). Risk-based prioritisation of remediation using threat intelligence. … tooling (e.g. CrowdStrike or equivalent) in a production environment. Prioritised and managed a risk-based security backlog, applying frameworks such as MITRE ATT&CK and threat-based prioritisation. Assured the delivery of security initiatives across distributed teams or sites, tracking vulnerability remediation and patching through ...

within the team. Demonstrable experience leading cyber security incident response (incident command), from detection through containment and remediation. Working knowledge of MITRE ATT&CK and at least one recognised control framework (ISO 27001, CIS or NIST). Risk-based prioritisation of remediation using threat intelligence. … tooling (e.g. CrowdStrike or equivalent) in a production environment. Prioritised and managed a risk-based security backlog, applying frameworks such as MITRE ATT&CK and threat-based prioritisation. Assured the delivery of security initiatives across distributed teams or sites, tracking vulnerability remediation and patching through ...

Threat & Adversary Knowledge * Understanding of attacker Tactics, Techniques and Procedures (TTPs) and how they manifest in logs and telemetry * Familiarity with MITRE ATT&CK framework * Evidence of staying up to date with: o Emerging threats o Adversary tradecraft o Defensive techniques ________________________________________ Incident Handling & Investigation * Experience … Analyst, Cyber Security Analyst, Microsoft Sentinel, Splunk, Elastic SIEM, KQL, SPL, ES|QL, Threat Detection, Incident Response, EDR, IDS/IPS, MITRE ATT&CK, Cyber Defence ...

customer environments. Producing clear, insightful reports for both technical and non-technical audiences. Enhancing detection rules and use cases aligned to MITRE ATT&CK and threat-informed defence. What you’ll bring: Hands-on experience with Microsoft Sentinel and Splunk. Knowledge of the MITRE ATT&CK framework. Understanding of client-server and multi-tier applications, databases, firewalls, VPNs and endpoint security. Solid networking fundamentals (TCP/IP, LAN/WAN, HTTP, SMTP, FTP, LDAP, etc.). Strong analytical thinking and structured problem-solving. An entry-level cyber security certification ...

reports for managed clients to both technical and non-technical audiences, Collaborate on improving detection rules and use cases aligned with Mitre Att&ck and threat-informed defense. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from … Farnborough. What you’ll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Understanding ...

customer environments. Producing clear, insightful reports for both technical and non-technical audiences. Enhancing detection rules and use cases aligned to MITRE ATT&CK and threat-informed defence. What you'll bring: Hands-on experience with Microsoft Sentinel and Splunk. Knowledge of the MITRE ATT&CK framework. Understanding of client-server and multi-tier applications, databases, firewalls, VPNs and endpoint security. Solid networking fundamentals (TCP/IP, LAN/WAN, HTTP, SMTP, FTP, LDAP, etc.). Strong analytical thinking and structured problem-solving. An entry-level cyber security certification ...

network traffic to identify malicious activity. Contribute to the development and improvement of detection rules and use cases aligned to the MITRE ATT&CK framework. Support continuous improvement of SOC processes, tooling, and incident response playbooks. Maintain clear and accurate incident documentation, including reports … environment. It would be great if you had: Experience improving detection content or threat-informed defense use cases. Familiarity with the MITRE ATT&CK framework. Scripting or automation experience (e.g. Python, PowerShell, Bash). Exposure to malware analysis or reverse engineering (not required ...

pipelines, including log ingestion, enrichment and schema standardisation. Develop and tune security detection content, translating threat intelligence and TTPs aligned to MITRE ATT&CK into actionable, high-value alerts. Manage the full detection content lifecycle: design, test, deploy, monitor, tune and retire, using version control … Strong hands-on knowledge of SIEM engineering, including indexing, parsing, onboarding and performance tuning. Experience designing and optimising detection content, including MITRE ATT&CK-aligned use cases and alert tuning to reduce noise. Good understanding of data pipeline engineering, log enrichment, data quality and large ...

SIEM, SOAR, EDR, DLP, email security and intrusion detection technologies. Analyse attacker tactics, techniques and procedures (TTPs) using frameworks such as MITRE ATT&CK. Produce dashboards, reports and recommendations to improve security posture. Ensure adherence to operational processes, SLAs, KPIs and security policies. Drive continuous improvement across … PowerShell, Bash, Perl or similar. Understanding of network forensics, threat intelligence and cyber threat detection methodologies. Knowledge of ISO 27001:2022 , MITRE ATT&CK , and IT Service Management principles. ...

SIEM, SOAR, EDR, DLP, email security and intrusion detection technologies. Analyse attacker tactics, techniques and procedures (TTPs) using frameworks such as MITRE ATT&CK. Produce dashboards, reports and recommendations to improve security posture. Ensure adherence to operational processes, SLAs, KPIs and security policies. Drive continuous improvement across … PowerShell, Bash, Perl or similar. Understanding of network forensics, threat intelligence and cyber threat detection methodologies. Knowledge of ISO 27001:2022 , MITRE ATT&CK , and IT Service Management principles. If you'd like to discuss this Senior SOC Analyst in more detail, please send your ...

platforms Knowledge of cybersecurity frameworks such as NIST, ISO27001, CIS benchmarks and Cyber Essentials Experience with threat intelligence frameworks such as MITRE ATT&CK and Cyber Kill Chain Familiarity with Data Loss Prevention technologies and Microsoft 365 security tooling Exposure to DevSecOps practices and cloud ...

including TCP/IP, DNS, firewalls, and proxies. Experience within a SOC, NOC, or 24/7 operational environment. Familiarity with MITRE ATT&CK, CVEs, and vulnerability management. Exposure to cloud security monitoring across Azure, AWS, or Microsoft 365. Desirable Certifications Microsoft SC-200 CompTIA ...

Query Language) Microsoft Defender XDR technologies Threat Hunting experience Detection Engineering Security Automation Vulnerability Assessment platforms such as Qualys Knowledge of MITRE ATT&CK Exposure to NIST, ISO27001 or CIS Controls Experience supporting regulated environments Why Apply? This organisation is a recognised international technology ...

Query Language) Microsoft Defender XDR technologies Threat Hunting experience Detection Engineering Security Automation Vulnerability Assessment platforms such as Qualys Knowledge of MITRE ATT&CK Exposure to NIST, ISO27001 or CIS Controls Experience supporting regulated environments Why Apply? This organisation is a recognised international technology ...

forensic techniques. Current DV clearance is essential. Skills in Python, PowerShell, BASH, or similar scripting languages. Familiarity with ISO 27001, MITRE ATT&CK, and ITIL frameworks. Desired skills: Certifications like CompTIA Security+, CySA+, PenTest+, or MCSE. Experience with network forensics and intrusion detection systems. Join ...

experience in threat hunting at a large enterprise environment. Experience with incident response, SOC, or detection engineering. Deep understanding of the MITRE ATT&CK framework and how to practically apply it to threat hunting methodologies and detection logic. ·Proficiency in complex query writing (e.g. ...

Experience across SIEM, EDR/XDR, vulnerability scanning, and cloud security Knowledge of detection engineering, log pipelines, and threat frameworks (e.g. MITRE ATT&CK) Scripting/automation skills (PowerShell, Python, or similar) Solid understanding of networking, Azure, and security architecture Experience working in regulated environments ...

Splunk, Sentinel, Elastic) Ability to develop and tune detection rules and alerts Experience with incident response and threat analysis Knowledge of MITRE ATT&CK, IOCs, and TTPs Familiarity with SOAR tools and automation Scripting experience (e.g. Python, PowerShell, Bash) is beneficial Why Apply? Opportunity ...

managing Splunk Enterprise Security (ES). Technical Knowledge: Strong Understanding of network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK framework. Vulnerability Assessment: 2+ years of experience using vulnerability assessment tools is a bonus. Penetration Testing Experience: Familiarity with penetration testing ...

queries and manage Splunk Enterprise Security. Technical Breadth: Strong knowledge of network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK framework. Vulnerability Assessment & Penetration Testing: Bonus points for experience with vulnerability assessment tools and exposure to penetration testing and web application testing. ...

site, flexible) Rate : £680 - £780 IR35 : Inside Length : 12 months Clearance: UKSV DV Essential Familiarity with cyber threat frameworks - for example, MITRE ATT&CK, Diamond Model, and the Intelligence Cycle Experience using open-source and commercial research methods, threat intelligence platforms or security tooling. Experience ...

waterfall and agile methods. You will have experience of adopting security standards and frameworks (such as NIST Cybersecurity Framework, CIS Controls, MITRE ATT&CK) within public or private sector. You will have experience in creating/managing User and System usage policy documentation (SyOps ConOps ...

Insight, Discover) Advanced Splunk skills, including SPL and Enterprise Security (ES) Solid understanding of networking, cloud security (AWS/Azure), and MITRE ATT&CK Experience in vulnerability assessment (desirable) Exposure to penetration testing and web application security (desirable) Qualifications Cyber security certifications (e.g. Security+, CySA+ ...

skills and experience: Experience in risk and threat modelling within high-threat government environments. Experience with cyber threat frameworks, such as MITRE ATT&CK, the Diamond Model, and the Intelligence Cycle. Proficiency in using open-source and commercial research methods & threat intelligence platforms. Proven experience ...