4 of 4 MITRE ATT&CK Jobs in Scotland

using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate incidents, and improve detection mechanisms. Conduct adversary simulation exercises to test and … minimal levels of supervision. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat Intelligence Analysis Security Analytics & Automation (SOAR, YARA Rules, Sigma Rules) Malware Analysis & Reverse Engineering Network & Endpoint Security Monitoring (EDR, IDS/IPS More ❯

the creation and management of detection logic in SIEMs (eg Splunk, ArcSight, Microsoft Sentinel) Intermediate experience developing scripts in Python Strong knowledge of exploitation techniques (eg MITRE ATT&CK) and use-case development Thorough TCP/IP and protocol experience (OSI L2-L7, DNS, HTTP, REST, SOAP) Strong communication, task management and organizational skills Highly More ❯

experience in detection engineering or incident response. Ability in developing SOAR automations. Strong Python scripting and query language skills (SPL, EQL, SQL). Excellent knowledge of MITRE ATT&CK, TCP/IP, and protocols (DNS, HTTP, REST, SOAP). Unix/Linux proficiency. Flexibility to work 3 days onsite is essential Desirable skills: YARA, STIX More ❯

identification. Experience delivering cloud-focused security solutions and understanding of modern cyber threats and threat modeling techniques. Good understanding of security frameworks such as NIST CSF, Mitre ATT&CK. Benefits At Sword, our core values and culture focus on caring for our people, investing in training and career development, and building inclusive teams where everyone contributes to More ❯