1 to 25 of 44 MITRE ATT&CK Jobs in London

Cyber Threat Intelligence Analyst - MITRE ATT&CK, Network, Incident response Client is looking for a Cyber Threat Intelligence Analyst to join their threat management team. To help identify and mitigate advanced cyber threats Experience needed: - Cyber threat intelligence - Security operations/Incident response background - MITRE ATT&CK mapping - Network Protocols More ❯

scripting tools in cloud environments is a plus Cloud Security skills (desired): Secure software development practices, including SecDevOps Sound knowledge of applicable frameworks & standards, including OWASP, MITRE ATT@CK & D3FEND, CIS, NIST CSF, CSA CCM & ISO 27107 Relevant industry certifications including CSCP Understanding of cyber risk frameworks or industry standards such as 800-53, ISO … among others Sound knowledge of applicable laws, compliance regulations, and industry standards as it relates to privacy, security, and compliance Sound knowledge of applicable frameworks, including MITRE ATT@CK & D3FEND, CIS, NIST CSF, CSA CCM Strong communication and presentation skills Cyber Risk Management skills (desired) : Experience in threat modelling & application security risk assessments, secure software More ❯

SIEM and EDR tools (Sentinel, Defender, CrowdStrike, etc.) Solid understanding of Windows, Linux, and network security principles Experience with forensic or threat analysis techniques Familiarity with MITRE ATT&CK, NIST, or similar frameworks Desirable Exposure to automation or SOAR tooling PowerShell or Python scripting skills GIAC or Microsoft security certifications This is an opportunity to … SIEM and EDR tools (Sentinel, Defender, CrowdStrike, etc.) * Solid understanding of Windows, Linux, and network security principles * Experience with forensic or threat analysis techniques * Familiarity with MITRE ATT&CK, NIST, or similar frameworks Desirable * Exposure to automation or SOAR tooling * PowerShell or Python scripting skills * GIAC or Microsoft security certifications This is an opportunity to More ❯

oversee security monitoring, incident response, and continuous improvement of SOC operations. You’ll work with cutting-edge technologies and frameworks, including Microsoft Sentinel, Splunk, and the MITRE ATT&CK framework, while mentoring and developing your team. Key Responsibilities: Lead and manage a team of SOC Analysts across shift operations. Monitor, triage, and investigate security incidents … For: Proven experience in a Security Operations Centre environment. Strong people management and mentoring skills. Hands-on experience with Microsoft Sentinel and Splunk. Familiarity with the MITRE ATT&CK framework. Solid understanding of networking principles and enterprise security tools. Desirable Skills: Experience in static malware analysis and reverse engineering. Scripting/programming skills (Python, Bash More ❯

activities by providing contextual intelligence and working alongside hunt team members Conduct threat modelling of threat actors, including their capabilities, motivations, and potential impact Leverage the MITRE ATT&CK framework to map threat actor behaviours and support detection engineering Develop and maintain threat profiles, attack surface assessments, and adversary emulation plans Collaborate with global stakeholders … intelligence platforms (TIPs), SIEMs, and threat data enrichment tools Experience using Breach and Attack Simulation (BAS) platforms Strong understanding of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and threat modelling Hands-on experience with penetration testing tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera Experience producing threat reports and More ❯

activities by providing contextual intelligence and working alongside hunt team members Conduct threat modelling of threat actors, including their capabilities, motivations, and potential impact Leverage the MITRE ATT&CK framework to map threat actor behaviours and support detection engineering Develop and maintain threat profiles, attack surface assessments, and adversary emulation plans Collaborate with global stakeholders … intelligence platforms (TIPs), SIEMs, and threat data enrichment tools Experience using Breach and Attack Simulation (BAS) platforms Strong understanding of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and threat modelling Hands-on experience with penetration testing tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera Experience producing threat reports and More ❯

activities by providing contextual intelligence and working alongside hunt team members Conduct threat modelling of threat actors, including their capabilities, motivations, and potential impact Leverage the MITRE ATT&CK framework to map threat actor behaviours and support detection engineering Develop and maintain threat profiles, attack surface assessments, and adversary emulation plans Collaborate with global stakeholders … intelligence platforms (TIPs), SIEMs, and threat data enrichment tools Experience using Breach and Attack Simulation (BAS) platforms Strong understanding of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and threat modelling Hands-on experience with penetration testing tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera Experience producing threat reports and More ❯

data enrichment tools. Experience using Breach and Attack Simulation (BAS) platforms to build and validate threat scenarios. Strong understanding of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and threat modeling. Hands-on experience with penetration testing tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera. Experience producing threat reports and … activities by providing contextual intelligence and working alongside hunt team members. Conduct threat modeling of threat actors, including their capabilities, motivations, and potential impact. Leverage the MITRE ATT&CK framework to map threat actor behaviors and support detection engineering. Develop and maintain threat profiles, attack surface assessments, and adversary emulation plans. Collaborate with global stakeholders More ❯

of Threat Intelligence Practices & Ability to Translate Complex Data Strong Background in Threat & Vulnerability Intelligence, including familiarity with Threat Actor Tracking, Vulnerability Databases & Frameworks such as MITRE ATT&CK Hands-On Experience with Honeypot Data & Log Analysis, ideally within ELK Stack Proficiency in Python Programming with Ability to Automate Workflows, Parse Data & Build Customised Tooling … Both Internal Stakeholders & External Searches: Threat Analyst/Threat Intelligence Analyst/Senior Threat Intelligence Analyst/Senior Vulnerability Analyst/Threat Hunting/Adversarial/MITRE ATT&CK/APT Analyst/Cyber Threat Analyst At SECURE , We Value Attitude & Aptitude Over Certifications. If you possess the drive and relevant experience to deliver tangible More ❯

has a strong technical focus, centred on the collection, enrichment, automation, and analysis of adversary tactics, techniques, and procedures (TTPs) across the Unified Kill Chain and MITRE ATT&CK frameworks. You’ll also support strategic intelligence functions, acting as a backup point of contact when needed to ensure continuity of intelligence delivery across our global … content and operational playbooks would be a bonus. Skills You’ll Need: Advanced understanding of attacker tools, techniques, and procedures. Knowledge of security frameworks: OWASP, NIST, MITRE ATT&CK, Unified Kill Chain. Proficient in risk analysis and information systems best practices. Expertise in intelligence gathering and analysis tools, including OSINT. Strong knowledge of malware analysis More ❯

threat intelligence and gap analysis • Analyse endpoint, identity, network and cloud telemetry to uncover detection opportunities and investigative leads • Model attack behaviours using frameworks such as MITRE ATT&CK and propose corresponding detection logic • Support the full detection engineering lifecycle from opportunity identification and modelling through to deployment and tuning • Collaborate with detection engineers to … translate investigative insights into operational detections Skills • Strong analytical and investigative mindset with demonstrable curiosity and attention to detail • Familiarity with common attacker techniques and MITRE ATT&CK mapping • Hands-on experience analysing logs from Defender for Identity, DNS, Windows event logs and endpoint telemetry • Comfortable navigating enterprise-scale environments and understanding host, user and More ❯

threat intelligence and gap analysis • Analyse endpoint, identity, network and cloud telemetry to uncover detection opportunities and investigative leads • Model attack behaviours using frameworks such as MITRE ATT&CK and propose corresponding detection logic • Support the full detection engineering lifecycle from opportunity identification and modelling through to deployment and tuning • Collaborate with detection engineers to … translate investigative insights into operational detections Skills • Strong analytical and investigative mindset with demonstrable curiosity and attention to detail • Familiarity with common attacker techniques and MITRE ATT&CK mapping • Hands-on experience analysing logs from Defender for Identity, DNS, Windows event logs and endpoint telemetry • Comfortable navigating enterprise-scale environments and understanding host, user and More ❯

SOC incident queues and support asset baseline maintenance. Prepare reports for technical and non-technical audiences. Collaborate on improving detection rules and use cases aligned with MITRE ATT&CK. Contribute to threat intelligence development and incident documentation. Shift Pattern: 2 days (6am–6pm), 2 nights (6pm–6am), followed by 4 days off. What We’re Looking For … Experience working in a Security Operations Centre. Familiarity with Microsoft Sentinel and Splunk. Understanding of the MITRE ATT&CK framework. Basic knowledge of networking, client-server applications, firewalls, VPNs, and antivirus products. Entry-level cybersecurity certification (e.g., CompTIA Security+, CEH, CPSA). Academic background in cybersecurity or a related subject. Desirable Skills: Programming/scripting More ❯

context and collaborating with hunt teams to refine hypotheses. Conduct threat actor modelling, focusing on motivations, capabilities, and potential business impact. Map threat behaviours using the MITRE ATT&CK framework to support detection engineering. Develop and maintain threat profiles, adversary emulation plans, and attack surface insights. Deliver high quality briefings, reports, and threat assessments to … or penetration testing. Proven ability to collaborate with Red Teams, Blue Teams, and SOC functions. Strong understanding of adversary TTPs, threat modelling, and frameworks such as MITRE ATT&CK. Experience with threat intelligence platforms, SIEM systems, and enrichment tools. Familiarity with Breach and Attack Simulation platforms. Hands on experience with penetration testing tools such as Metasploit, Burp More ❯

context and collaborating with hunt teams to refine hypotheses. Conduct threat actor modelling, focusing on motivations, capabilities, and potential business impact. Map threat behaviours using the MITRE ATT&CK framework to support detection engineering. Develop and maintain threat profiles, adversary emulation plans, and attack surface insights. Deliver high quality briefings, reports, and threat assessments to … or penetration testing. Proven ability to collaborate with Red Teams, Blue Teams, and SOC functions. Strong understanding of adversary TTPs, threat modelling, and frameworks such as MITRE ATT&CK. Experience with threat intelligence platforms, SIEM systems, and enrichment tools. Familiarity with Breach and Attack Simulation platforms. Hands on experience with penetration testing tools such as Metasploit, Burp More ❯

Science, or equivalent experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise in Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. More ❯

Science, or equivalent experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise in Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. More ❯

Write and fine-tune Kusto Query Language (KQL) queries to analyse and visualise raw security data. Integrate third-party tools (firewalls, IAM, telemetry) into Sentinel. Use MITRE ATT&CK to anticipate and counter adversarial activity. Apply cost-optimisation principles (data tiering, filtering). Collaborate with security architects to improve internal policies and ISO 27001 alignment. More ❯

Write and fine-tune Kusto Query Language (KQL) queries to analyse and visualise raw security data. Integrate third-party tools (firewalls, IAM, telemetry) into Sentinel. Use MITRE ATT&CK to anticipate and counter adversarial activity. Apply cost-optimisation principles (data tiering, filtering). Collaborate with security architects to improve internal policies and ISO 27001 alignment. More ❯

enhance security detection content primarily for the Splunk SIEM, to enable the detection of threats across diverse platforms (e.g. cloud, endpoints, and networks) · Use frameworks like MITRE ATT&CK to map detection rules and maximise threat coverage · Use analytical platforms to query high volume datasets to identify trends and spot unusual behaviours, indicative of malicious More ❯

Enterprise Security). Strong experience in SPL (Search Processing Language) and log analysis. Deep understanding of security monitoring, incident response, and threat detection methodologies. Familiarity with MITRE ATT&CK, cyber kill chain, and common attack vectors (phishing, malware, insider threats). Experience with EDR tools (e.g., CrowdStrike, SentinelOne), firewalls, IDS/IPS, and SOAR platforms. More ❯

Enterprise Security). Strong experience in SPL (Search Processing Language) and log analysis. Deep understanding of security monitoring, incident response, and threat detection methodologies. Familiarity with MITRE ATT&CK, cyber kill chain, and common attack vectors (phishing, malware, insider threats). Experience with EDR tools (e.g., CrowdStrike, SentinelOne), firewalls, IDS/IPS, and SOAR platforms. More ❯

2nd line or similar). Strong hands-on experience in threat investigation, log analysis, and remediation . Good understanding of common security frameworks and practices (e.g., MITRE ATT&CK, NIST, ISO 27001). Familiarity with a range of security tools and platforms – experience with Microsoft Sentinel is desirable but not essential. Excellent communication skills – able More ❯

scripting (e.g., Python, Bash, PowerShell) Experience creating SIEM rules or detection logic Exposure to cloud environments and related attack vectors Knowledge of threat hunting methods and MITRE ATT&CK Interest or experience in cross-functional collaboration (e.g., Threat Intel, Red Teams More ❯

scripting (e.g., Python, Bash, PowerShell) Experience creating SIEM rules or detection logic Exposure to cloud environments and related attack vectors Knowledge of threat hunting methods and MITRE ATT&CK Interest or experience in cross-functional collaboration (e.g., Threat Intel, Red Teams More ❯