1 to 25 of 74 MITRE ATT&CK Jobs in England

scripting tools in cloud environments is a plus Cloud Security skills (desired): Secure software development practices, including SecDevOps Sound knowledge of applicable frameworks & standards, including OWASP, MITRE ATT@CK & D3FEND, CIS, NIST CSF, CSA CCM & ISO 27107 Relevant industry certifications including CSCP Understanding of cyber risk frameworks or industry standards such as 800-53, ISO … among others Sound knowledge of applicable laws, compliance regulations, and industry standards as it relates to privacy, security, and compliance Sound knowledge of applicable frameworks, including MITRE ATT@CK & D3FEND, CIS, NIST CSF, CSA CCM Strong communication and presentation skills Cyber Risk Management skills (desired) : Experience in threat modelling & application security risk assessments, secure software More ❯

Science, Information Security, or related field (or equivalent experience). • 3–5+ years of experience in cybersecurity or information security engineering/analysis. • Strong knowledge of MITRE ATT&CK, NIST, ISO 27001, and other frameworks. • Experience with security tools. • Familiarity with scripting languages (Python, Bash, PowerShell) is a plus. • Relevant certifications (e.g., CEH, OSCP, CISSP … GSEC) preferred. If you have 3–5+ years of experience in cybersecurity or information security engineering/analysis with relevant certifications, along with strong knowledge of MITRE ATT&CK, NIST, ISO 27001, and other frameworks alongside experience with security tools, and you are looking to join a team at a friendly, supportive company that prides More ❯

of the customer environments. Prepare reports for managed clients to both technical and non-technical audiences, Collaborate on improving detection rules and use cases aligned with Mitre Att&ck and threat-informed defense. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from known threats. Collaborate with team … shifts from our office in Farnborough. What you’ll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Understanding of networking principles including TCP/ More ❯

proactively searching for and identifying threat actors that have evaded traditional security defences. This role requires a deep understanding of attacker tactics, techniques, and procedures (TTPs), MITRE ATT&CK Framework, cyber kill chain as well as the ability to analyse large datasets to uncover hidden threats. The ideal candidate will be a creative and analytical … Splunk, QRadar), EDR (e.g., CrowdStrike, SentinelOne) and threat intelligence platforms. Strong scripting skills in at least one language (e.g., Python, PowerShell). Solid understanding of the MITRE ATT&CK framework and its application in threat hunting. Strong analytical and problem-solving skills with a keen eye for detail. Ability to think like an adversary and More ❯

proactively searching for and identifying threat actors that have evaded traditional security defences. This role requires a deep understanding of attacker tactics, techniques, and procedures (TTPs), MITRE ATT&CK Framework, cyber kill chain as well as the ability to analyse large datasets to uncover hidden threats. The ideal candidate will be a creative and analytical … Splunk, QRadar), EDR (e.g., CrowdStrike, SentinelOne) and threat intelligence platforms. Strong scripting skills in at least one language (e.g., Python, PowerShell). Solid understanding of the MITRE ATT&CK framework and its application in threat hunting. Strong analytical and problem-solving skills with a keen eye for detail. Ability to think like an adversary and More ❯

oversee security monitoring, incident response, and continuous improvement of SOC operations. You’ll work with cutting-edge technologies and frameworks, including Microsoft Sentinel, Splunk, and the MITRE ATT&CK framework, while mentoring and developing your team. Key Responsibilities: Lead and manage a team of SOC Analysts across shift operations. Monitor, triage, and investigate security incidents … For: Proven experience in a Security Operations Centre environment. Strong people management and mentoring skills. Hands-on experience with Microsoft Sentinel and Splunk. Familiarity with the MITRE ATT&CK framework. Solid understanding of networking principles and enterprise security tools. Desirable Skills: Experience in static malware analysis and reverse engineering. Scripting/programming skills (Python, Bash More ❯

oversee security monitoring, incident response, and continuous improvement of SOC operations. You’ll work with cutting-edge technologies and frameworks, including Microsoft Sentinel, Splunk, and the MITRE ATT&CK framework, while mentoring and developing your team. Key Responsibilities: Lead and manage a team of SOC Analysts across shift operations. Monitor, triage, and investigate security incidents … For: Proven experience in a Security Operations Centre environment. Strong people management and mentoring skills. Hands-on experience with Microsoft Sentinel and Splunk. Familiarity with the MITRE ATT&CK framework. Solid understanding of networking principles and enterprise security tools. Desirable Skills: Experience in static malware analysis and reverse engineering. Scripting/programming skills (Python, Bash More ❯

simulation Support threat hunting activities and provide tactical, contextual intelligence to stakeholders Model and assess threat actors, including motivations, capabilities, attack vectors, and impacts Leverage the MITRE ATT&CK framework for mapping adversary behaviours and detection Develop and update threat profiles, attack surface assessments, and adversary emulation plans Present high-quality threat briefings, risk assessments … Intelligence Platforms), SIEM tools, and threat data enrichment solutions Practical exposure to Breach & Attack Simulation (BAS) tools for threat scenario development Strong knowledge of adversary TTPs, MITRE ATT&CK, and modern threat modelling techniques Technical proficiency with pentesting tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera Experience producing actionable threat intelligence reports More ❯

activities by providing contextual intelligence and working alongside hunt team members Conduct threat modelling of threat actors, including their capabilities, motivations, and potential impact Leverage the MITRE ATT&CK framework to map threat actor behaviours and support detection engineering Develop and maintain threat profiles, attack surface assessments, and adversary emulation plans Collaborate with global stakeholders … intelligence platforms (TIPs), SIEMs, and threat data enrichment tools Experience using Breach and Attack Simulation (BAS) platforms Strong understanding of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and threat modelling Hands-on experience with penetration testing tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera Experience producing threat reports and More ❯

activities by providing contextual intelligence and working alongside hunt team members Conduct threat modelling of threat actors, including their capabilities, motivations, and potential impact Leverage the MITRE ATT&CK framework to map threat actor behaviours and support detection engineering Develop and maintain threat profiles, attack surface assessments, and adversary emulation plans Collaborate with global stakeholders … intelligence platforms (TIPs), SIEMs, and threat data enrichment tools Experience using Breach and Attack Simulation (BAS) platforms Strong understanding of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and threat modelling Hands-on experience with penetration testing tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera Experience producing threat reports and More ❯

activities by providing contextual intelligence and working alongside hunt team members Conduct threat modelling of threat actors, including their capabilities, motivations, and potential impact Leverage the MITRE ATT&CK framework to map threat actor behaviours and support detection engineering Develop and maintain threat profiles, attack surface assessments, and adversary emulation plans Collaborate with global stakeholders … intelligence platforms (TIPs), SIEMs, and threat data enrichment tools Experience using Breach and Attack Simulation (BAS) platforms Strong understanding of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and threat modelling Hands-on experience with penetration testing tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera Experience producing threat reports and More ❯

data enrichment tools. Experience using Breach and Attack Simulation (BAS) platforms to build and validate threat scenarios. Strong understanding of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and threat modeling. Hands-on experience with penetration testing tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera. Experience producing threat reports and … activities by providing contextual intelligence and working alongside hunt team members. Conduct threat modeling of threat actors, including their capabilities, motivations, and potential impact. Leverage the MITRE ATT&CK framework to map threat actor behaviors and support detection engineering. Develop and maintain threat profiles, attack surface assessments, and adversary emulation plans. Collaborate with global stakeholders More ❯

of updating and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs … BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office Please apply for consideration More ❯

of Threat Intelligence Practices & Ability to Translate Complex Data Strong Background in Threat & Vulnerability Intelligence, including familiarity with Threat Actor Tracking, Vulnerability Databases & Frameworks such as MITRE ATT&CK Hands-On Experience with Honeypot Data & Log Analysis, ideally within ELK Stack Proficiency in Python Programming with Ability to Automate Workflows, Parse Data & Build Customised Tooling … Both Internal Stakeholders & External Searches: Threat Analyst/Threat Intelligence Analyst/Senior Threat Intelligence Analyst/Senior Vulnerability Analyst/Threat Hunting/Adversarial/MITRE ATT&CK/APT Analyst/Cyber Threat Analyst At SECURE , We Value Attitude & Aptitude Over Certifications. If you possess the drive and relevant experience to deliver tangible More ❯

has a strong technical focus, centred on the collection, enrichment, automation, and analysis of adversary tactics, techniques, and procedures (TTPs) across the Unified Kill Chain and MITRE ATT&CK frameworks. You’ll also support strategic intelligence functions, acting as a backup point of contact when needed to ensure continuity of intelligence delivery across our global … content and operational playbooks would be a bonus. Skills You’ll Need: Advanced understanding of attacker tools, techniques, and procedures. Knowledge of security frameworks: OWASP, NIST, MITRE ATT&CK, Unified Kill Chain. Proficient in risk analysis and information systems best practices. Expertise in intelligence gathering and analysis tools, including OSINT. Strong knowledge of malware analysis More ❯

threat intelligence and gap analysis • Analyse endpoint, identity, network and cloud telemetry to uncover detection opportunities and investigative leads • Model attack behaviours using frameworks such as MITRE ATT&CK and propose corresponding detection logic • Support the full detection engineering lifecycle from opportunity identification and modelling through to deployment and tuning • Collaborate with detection engineers to … translate investigative insights into operational detections Skills • Strong analytical and investigative mindset with demonstrable curiosity and attention to detail • Familiarity with common attacker techniques and MITRE ATT&CK mapping • Hands-on experience analysing logs from Defender for Identity, DNS, Windows event logs and endpoint telemetry • Comfortable navigating enterprise-scale environments and understanding host, user and More ❯

threat intelligence and gap analysis • Analyse endpoint, identity, network and cloud telemetry to uncover detection opportunities and investigative leads • Model attack behaviours using frameworks such as MITRE ATT&CK and propose corresponding detection logic • Support the full detection engineering lifecycle from opportunity identification and modelling through to deployment and tuning • Collaborate with detection engineers to … translate investigative insights into operational detections Skills • Strong analytical and investigative mindset with demonstrable curiosity and attention to detail • Familiarity with common attacker techniques and MITRE ATT&CK mapping • Hands-on experience analysing logs from Defender for Identity, DNS, Windows event logs and endpoint telemetry • Comfortable navigating enterprise-scale environments and understanding host, user and More ❯

architecture for service mesh deployments across Kubernetes and containerised platforms. Conduct risk assessments and develop mitigation strategies for identified vulnerabilities. Create detailed threat models aligned to MITRE ATT&CK and STRIDE frameworks. Design and review secure API gateway patterns using IBM DataPower. Lead implementation of Zero-Trust , mTLS, RBAC and policy enforcement within service mesh … designing secure architectures for hybrid/multi-cloud environments. Strong background in Zero-Trust , microservices security, and containerised platforms. Experienced in building bespoke threat models using MITRE ATT&CK & STRIDE . Ability to assess security elements of solution designs, constructively challenge, and drive secure outcomes. If you are interested or would like to know more More ❯

SOC incident queues and support asset baseline maintenance. Prepare reports for technical and non-technical audiences. Collaborate on improving detection rules and use cases aligned with MITRE ATT&CK. Contribute to threat intelligence development and incident documentation. Shift Pattern: 2 days (6am–6pm), 2 nights (6pm–6am), followed by 4 days off. What We’re Looking For … Experience working in a Security Operations Centre. Familiarity with Microsoft Sentinel and Splunk. Understanding of the MITRE ATT&CK framework. Basic knowledge of networking, client-server applications, firewalls, VPNs, and antivirus products. Entry-level cybersecurity certification (e.g., CompTIA Security+, CEH, CPSA). Academic background in cybersecurity or a related subject. Desirable Skills: Programming/scripting More ❯

SOC incident queues and support asset baseline maintenance. Prepare reports for technical and non-technical audiences. Collaborate on improving detection rules and use cases aligned with MITRE ATT&CK. Contribute to threat intelligence development and incident documentation. Shift Pattern: 2 days (6am–6pm), 2 nights (6pm–6am), followed by 4 days off. What We’re Looking For … Experience working in a Security Operations Centre. Familiarity with Microsoft Sentinel and Splunk. Understanding of the MITRE ATT&CK framework. Basic knowledge of networking, client-server applications, firewalls, VPNs, and antivirus products. Entry-level cybersecurity certification (e.g., CompTIA Security+, CEH, CPSA). Academic background in cybersecurity or a related subject. Desirable Skills: Programming/scripting More ❯

key role in safeguarding our organisation’s digital environment. Communications with key business partners is key regarding risks, threats and SOC performance. Familiarity with NIST Cybersecurity, MITRE ATT&CK, Splunk, Sentinel and ISO27001 is vital What you will be doing: Lead, mentor, and develop SOC analysts and incident responders. Provide technical direction, conduct performance reviews … effective shift models. Confident communicator with the ability to translate complex technical risks into clear business impacts for senior stakeholders. Familiarity with NIST Cybersecurity Framework and MITRE ATT&CK. Understanding of ISO 27001 standards and compliance best practices. Working knowledge of the CREST SOC Maturity Model. Experience applying ITIL processes across incident, problem, and change management. It More ❯

executive audiences. Work closely with clients to define forensic requirements and develop incident response playbooks. Conduct threat hunting and compromise assessments, correlating findings with threat intelligence (MITRE ATT&CK, TTPs, IOCs). Support cloud forensics in AWS and Azure, ensuring proper collection and handling of digital evidence. Help develop forensic methodologies and best practices, contributing … translate complex forensic data into clear, client-friendly reports. Knowledge of chain of custody, evidential procedures, and forensic readiness. Familiarity with threat intelligence frameworks such as MITRE ATT&CK. Relevant certifications (desirable): GCFA, GCIH, CISSP, AWS Security Specialty, Azure Security Engineer. As an industry leading, nationwide Marketing, Digital, Analytics, IT and Design recruitment agency, we are continually More ❯

Digital Forensics, Incident Response, or Ethical Hacking (e.g., GCIH, CEH, GCFE, GCFA, and CFCE). Knowledge of main concepts related to the Incident Response Life Cycle, MITRE ATT&CK Framework, Cyber Kill Chain, and other cybersecurity frameworks. High-level understanding of common intrusion methods and cyber-attack tactics, techniques, and procedures (TTPs), and common industry More ❯

and passion for problem solving and continuous improvement Desirable Experience • Experience with SOAR platforms such as Microsoft Sentinel Automation, Cortex XSOAR or Splunk SOAR • Knowledge of MITRE ATT&CK mapping and detection engineering frameworks • Experience using Infrastructure as Code such as Terraform, Bicep or ARM templates • Integration experience with ServiceNow or ITSM tools • Exposure to More ❯

incident response . Implement and manage identity and access management (IAM) solutions using SailPoint, OKTA, and BeyondTrust. Collaborate with internal teams to ensure compliance with NIST, MITRE ATT&CK, and ISO27001 frameworks. Provide mentoring, documentation, and knowledge transfer to junior engineers and SOC analysts. Liaise with external vendors, clients, and cross-functional teams to resolve More ❯