Bash). Strong understanding of SOC processes, including incident response and threat detection. Experience with SIEM platforms (e.g., Splunk). Knowledge of security frameworks (e.g., NIST, MITREATT&CK). Skills Proficiency in automation tools (e.g., SOAR platforms, Ansible, Phantom). Expertise in scripting languages (e.g., Python, PowerShell, Bash). Strong knowledge of SOC processes … . Ability to integrate and automate security tools. Strong problem-solving and analytical skills. Experience in developing automated workflows and playbooks. Knowledge of security frameworks (e.g., MITREATT&CK, NIST). Strong collaboration and communication skills. Experience with log management and event correlation automation. Experience 3-5 years of experience in SOC or cybersecurity roles. … incident response, and threat detection. Experience with SIEM platforms (e.g., Splunk, QRadar, ArcSight). Experience developing and managing automated response workflows. Familiarity with security frameworks like MITREATT&CK or NIST. Experience working with security log management and event correlation tools. Additional Information What will happen next? If the opportunity sounds interesting to you, please More ❯
London, England, United Kingdom Hybrid / WFH Options
Barclay Simpson
Perform advanced threat hunting and root cause analysis across cloud workloads, Kubernetes clusters, APIs, and user activity. Integrate external threat intelligence feeds, aligning TTPs with the MITREATT&CK framework. Drive continuous improvement by conducting regular purple team exercises and scenario-based tabletop tests. Cloud Security Engineering Work hands-on with GCP security controls, including … services, ideally under PCI-DSS, ISO 27001, or SOC 2. Strong Scripting or automation experience (Python, Terraform, Bash). Knowledge of threat modelling and attack frameworks (MITREATT&CK, Kill Chain). Familiarity with Kubernetes (GKE), container security, API hardening. Nice to Have Certifications such as: Google Professional Cloud Security Engineer CISSP, CISM, GCIH, or … GCIA Experience implementing Zero Trust Architecture in a cloud-native environment. Familiarity with OPA/Gatekeeper, Kubernetes Admission Controllers. Background in red teaming or adversary simulation (MITRE Caldera, Atomic Red Team). Experience working with BigQuery, Data Loss Prevention (DLP) tools, and Key Management Systems (KMS). Why This Role? Work directly with engineering, DevSecOps, and compliance leadership. More ❯
systems, and security principles Proficiency with security tools like LogRhythm, Qualys, SCCM, Intune, Microsoft 365, AD, and enterprise anti-malware Technical knowledge in network segmentation, firewalls, MitreAtt&ck, Windows, Linux, and Mac, with experience in NIST standards and frameworks About You Bring strong analytical, problem-solving, and interpersonal skills to collaborate across teams and More ❯
cybersecurity, with 2+ in SOC or security engineering. Strong experience with SIEM/SOAR (e.g., Splunk, Sentinel). Proficient in scripting (Python, PowerShell). Knowledge of MITREATT&CK and incident response. Experience in regulated financial environments. Nice to Have: SOC certifications (e.g., GCIH, GCIA), Splunk Certified User/Admin. Familiarity with cloud logging (CloudTrail More ❯
Play a pivotal role in incident response and root cause analysis for complex security issues Drive automation of processes, implement best practice frameworks (NIST, ISO 27001, MITREATT&CK), and ensure thorough documentation of systems and workflows Engage with vendors, test and deploy security technologies, and contribute to technical decision-making What We're Looking More ❯
NIST 800-61 incident response lifecycle, including containment, eradication, and recovery. Experience in digital forensics, including evidence acquisition and chain-of-custody practices. Familiarity with frameworks such as MITREATTACK, Lockheed Martin Kill Chain, or the Diamond Model. Ability to perform dynamic malware analysis. Knowledge of open-source IR tools such as Velociraptor, Eric Zimmerman Tools, Chainsaw, Volatility More ❯
technical experience in computer forensics for cyber incident response and investigations. Understanding of best practices (NPCC, NIST, ISO17025) in evidence handling, systems, and tools. Knowledge of MITREATT&CK, Cyber Kill Chain, network topology, and EDR solutions. Expertise in multiple operating systems (Microsoft, Linux), cloud services (Microsoft 365, Azure, AWS, Google Workspace), and on-premise More ❯
following areas as possible, and be able to demonstrate it: Security Detection and Monitoring Detection Engineering Malware Analysis (Static and Dynamic) Threat Hunting and Threat Intelligence (MITREATT&CK) Penetration Testing Security Automation (SOAR) It would help if you had experience with the following: SIEM tools (Microsoft Sentinel, Splunk, ELK, Siemplify) Vulnerability Management (Qualys, Nessus More ❯
and effective detection capabilities. Key Responsibilities Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITREATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code … content (e.g. SIEM rules, correlation searches and detection-as-code signatures) to proactively identify malicious behaviour and improve threat visibility and reduce false positives Familiarity with MITREATT&CK framework and threat detection lifecycle. More ❯
and effective detection capabilities. Key Responsibilities Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITREATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code … content (e.g. SIEM rules, correlation searches and detection-as-code signatures) to proactively identify malicious behaviour and improve threat visibility and reduce false positives Familiarity with MITREATT&CK framework and threat detection lifecycle. More ❯
and effective detection capabilities. Key Responsibilities Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITREATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code … content (e.g. SIEM rules, correlation searches and detection-as-code signatures) to proactively identify malicious behaviour and improve threat visibility and reduce false positives Familiarity with MITREATT&CK framework and threat detection lifecycle. More ❯
must have demonstrable expertise with monitoring and securing enterprise class technology estates. You will have proven experience with Cyber Security best practice including remediations for the MITREATT&CK Framework and NIST Cloud Security guidelines. You will support ISO 27001 compliance and have strong documentation skills. Experience in the Telco sector and knowledge of the More ❯
City of London, London, United Kingdom Hybrid / WFH Options
Iceberg
trenches and know what it takes to stay ahead of threat actors. Ideally, you bring: Hands-on experience with SIEM platforms , especially Splunk. Strong familiarity with MITREATT&CK , intrusion detection/prevention systems, and malware behaviour. Confidence in network traffic analysis (PCAP, NetFlow) and endpoint forensics. The ability to explain technical risk in plain More ❯
trenches and know what it takes to stay ahead of threat actors. Ideally, you bring: Hands-on experience with SIEM platforms , especially Splunk. Strong familiarity with MITREATT&CK , intrusion detection/prevention systems, and malware behaviour. Confidence in network traffic analysis (PCAP, NetFlow) and endpoint forensics. The ability to explain technical risk in plain More ❯
South East London, England, United Kingdom Hybrid / WFH Options
Iceberg
trenches and know what it takes to stay ahead of threat actors. Ideally, you bring: Hands-on experience with SIEM platforms , especially Splunk. Strong familiarity with MITREATT&CK , intrusion detection/prevention systems, and malware behaviour. Confidence in network traffic analysis (PCAP, NetFlow) and endpoint forensics. The ability to explain technical risk in plain More ❯
stakeholders. Qualifications Your Skills & Experience We seek candidates with experience in: Proficiency in GCP (essential) Security architecture principles, frameworks, and best practices Threat modeling methodologies like MITREATT&CK, STRIDE, PASTA Cybersecurity experience of 5+ years Security practices including authentication, authorization, logging, encryption, infrastructure security, network segmentation Knowledge of cloud security frameworks Rest API knowledge More ❯
automation in CI/CD pipelines. Familiarity with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Knowledge of OWASP Top 10, CWE, CVSS, MITREATT&CK and NIST frameworks. Experience conducting threat modelling, code reviews and penetration testing. Excellent communication skills with the ability to influence and educate development teams. Security certifications More ❯
automation in CI/CD pipelines. Familiarity with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Knowledge of OWASP Top 10, CWE, CVSS, MITREATT&CK and NIST frameworks. Experience conducting threat modelling, code reviews and penetration testing. Excellent communication skills with the ability to influence and educate development teams. Security certifications More ❯
automation in CI/CD pipelines. Familiarity with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Knowledge of OWASP Top 10, CWE, CVSS, MITREATT&CK and NIST frameworks. Experience conducting threat modelling, code reviews and penetration testing. Excellent communication skills with the ability to influence and educate development teams. Security certifications More ❯
Cloud, GCP Security Command Center) Detection engineering using KQL, particularly with Microsoft Sentinel Familiarity with Kubernetes, Docker, and securing containerised services Understanding of Zero Trust Architecture, MITREATT&CK, and cloud threat models Experience with SOAR platforms and automation pipelines Scripting or programming skills (Python, PowerShell, Bash, etc.) Interviews are moving fast — apply now or More ❯
Cloud, GCP Security Command Center) Detection engineering using KQL, particularly with Microsoft Sentinel Familiarity with Kubernetes, Docker, and securing containerised services Understanding of Zero Trust Architecture, MITREATT&CK, and cloud threat models Experience with SOAR platforms and automation pipelines Scripting or programming skills (Python, PowerShell, Bash, etc.) Interviews are moving fast — apply now or More ❯
Cloud, GCP Security Command Center) Detection engineering using KQL, particularly with Microsoft Sentinel Familiarity with Kubernetes, Docker, and securing containerised services Understanding of Zero Trust Architecture, MITREATT&CK, and cloud threat models Experience with SOAR platforms and automation pipelines Scripting or programming skills (Python, PowerShell, Bash, etc.) Interviews are moving fast — apply now or More ❯
disrupt threats before attackers achieve their objectives. The ideal candidate must possess demonstrated expertise in log analysis, network traffic investigation, and in-depth knowledge of the MITREATT&CK framework and Incident Response framework. Key responsibilities: Part of the global IT security team working closely with the US SOC teams. Performs a combination of duties More ❯
