scripting tools in cloud environments is a plus Cloud Security skills (desired): Secure software development practices, including SecDevOps Sound knowledge of applicable frameworks & standards, including OWASP, MITRE ATT&CK & D3FEND, CIS, NIST CSF, CSA CCM & ISO 27107 Relevant industry certifications including CSCP Understanding of cyber risk frameworks or industry standards such as 800-53, ISO … among others Sound knowledge of applicable laws, compliance regulations, and industry standards as it relates to privacy, security, and compliance Sound knowledge of applicable frameworks, including MITRE ATT&CK & D3FEND, CIS, NIST CSF, CSA CCM Strong communication and presentation skills Cyber Risk Management skills (desired): Experience in threat modelling & application security risk assessments, secure software
Science, Information Security, or related field (or equivalent experience). • 3–5+ years of experience in cybersecurity or information security engineering/analysis. • Strong knowledge of MITRE ATT&CK, NIST, ISO 27001, and other frameworks. • Experience with security tools. • Familiarity with scripting languages (Python, Bash, PowerShell) is a plus. • Relevant certifications (e.g., CEH, OSCP, CISSP … GSEC) preferred. If you have 3–5+ years of experience in cybersecurity or information security engineering/analysis with relevant certifications, along with strong knowledge of MITRE ATT&CK, NIST, ISO 27001, and other frameworks alongside experience with security tools, and you are looking to join a team at a friendly, supportive company that prides
SIEM and EDR tools (Sentinel, Defender, CrowdStrike, etc.) * Solid understanding of Windows, Linux, and network security principles * Experience with forensic or threat analysis techniques * Familiarity with MITRE ATT&CK, NIST, or similar frameworks Desirable * Exposure to automation or SOAR tooling * PowerShell or Python scripting skills * GIAC or Microsoft security certifications This is an opportunity to …
of the customer environments. Prepare reports for managed clients to both technical and non-technical audiences, Collaborate on improving detection rules and use cases aligned with Mitre Att&ck and threat-informed defense. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from known threats. Collaborate with team … shifts from our office in Farnborough. What you’ll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Understanding of networking principles including TCP/
Gosport, Hampshire, South East, United Kingdom Hybrid/Remote Options
Sopra Steria
operations and triage. Prepare reports for managed clients to both technical and non-technical audiences. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Represent the SOC within Stakeholders meetings. Ability to work in a hybrid approach from home and our Gosport office location. What you’ll … Experience in Security Operations Centre. People management experience to help develop Analysts and lead careers. Experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid ability to lead teams while staying hands-on with security operations. Strong influencing skills and ability to persuade others, with a broad understanding of
Gosport, Hampshire, England, United Kingdom Hybrid/Remote Options
Sopra Steria
operations and triage. Prepare reports for managed clients to both technical and non-technical audiences. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Represent the SOC within Stakeholders meetings. Ability to work in a hybrid approach from home and our Gosport office location. What you … Experience in Security Operations Centre. People management experience to help develop Analysts and lead careers. Experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid ability to lead teams while staying hands-on with security operations. Strong influencing skills and ability to persuade others, with a broad understanding of
oversee security monitoring, incident response, and continuous improvement of SOC operations. You’ll work with cutting-edge technologies and frameworks, including Microsoft Sentinel, Splunk, and the MITRE ATT&CK framework, while mentoring and developing your team. Key Responsibilities: Lead and manage a team of SOC Analysts across shift operations. Monitor, triage, and investigate security incidents … For: Proven experience in a Security Operations Centre environment. Strong people management and mentoring skills. Hands-on experience with Microsoft Sentinel and Splunk. Familiarity with the MITRE ATT&CK framework. Solid understanding of networking principles and enterprise security tools. Desirable Skills: Experience in static malware analysis and reverse engineering. Scripting/programming skills (Python, Bash
activities by providing contextual intelligence and working alongside hunt team members Conduct threat modelling of threat actors, including their capabilities, motivations, and potential impact Leverage the MITRE ATT&CK framework to map threat actor behaviours and support detection engineering Develop and maintain threat profiles, attack surface assessments, and adversary emulation plans Collaborate with global stakeholders … intelligence platforms (TIPs), SIEMs, and threat data enrichment tools Experience using Breach and Attack Simulation (BAS) platforms Strong understanding of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and threat modelling Hands-on experience with penetration testing tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera Experience producing threat reports and
City of London, London, United Kingdom Hybrid/Remote Options
Vanquish Technologies Limited
data enrichment tools. Experience using Breach and Attack Simulation (BAS) platforms to build and validate threat scenarios. Strong understanding of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and threat modeling. Hands-on experience with penetration testing tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera. Experience producing threat reports and … activities by providing contextual intelligence and working alongside hunt team members. Conduct threat modeling of threat actors, including their capabilities, motivations, and potential impact. Leverage the MITRE ATT&CK framework to map threat actor behaviors and support detection engineering. Develop and maintain threat profiles, attack surface assessments, and adversary emulation plans. Collaborate with global stakeholders
planning, and execution of sophisticated Red Team engagements simulating advanced persistent threats across global enterprise environments Develop and refine Tactics, Techniques, and Procedures (TTPs) aligned with MITRE ATT&CK to challenge and validate detection and response mechanisms Conduct advanced adversary emulation, lateral movement, privilege escalation, and persistence operations in diverse environments Reverse engineer proof-of … Windows and Linux internals, Active Directory, and enterprise network architecture Experience with vulnerability research, exploit development, and threat emulation Strong knowledge of security frameworks such as MITRE ATT&CK, NIST-CSF, and OWASP Strong ability to analyse and distil complex issues and present succinct updates to management and associated committees. The ability to create clear
North London, London, United Kingdom Hybrid/Remote Options
Secure Recruitment Ltd
of Threat Intelligence Practices & Ability to Translate Complex Data Strong Background in Threat & Vulnerability Intelligence, including familiarity with Threat Actor Tracking, Vulnerability Databases & Frameworks such as MITRE ATT&CK Hands-On Experience with Honeypot Data & Log Analysis, ideally within ELK Stack Proficiency in Python Programming with Ability to Automate Workflows, Parse Data & Build Customised Tooling … Both Internal Stakeholders & External Searches: Threat Analyst/Threat Intelligence Analyst/Senior Threat Intelligence Analyst/Senior Vulnerability Analyst/Threat Hunting/Adversarial/MITRE ATT&CK/APT Analyst/Cyber Threat Analyst At SECURE, We Value Attitude & Aptitude Over Certifications. If you possess the drive and relevant experience to deliver tangible
has a strong technical focus, centred on the collection, enrichment, automation, and analysis of adversary tactics, techniques, and procedures (TTPs) across the Unified Kill Chain and MITRE ATT&CK frameworks. You’ll also support strategic intelligence functions, acting as a backup point of contact when needed to ensure continuity of intelligence delivery across our global … content and operational playbooks would be a bonus. Skills You’ll Need: Advanced understanding of attacker tools, techniques, and procedures. Knowledge of security frameworks: OWASP, NIST, MITRE ATT&CK, Unified Kill Chain. Proficient in risk analysis and information systems best practices. Expertise in intelligence gathering and analysis tools, including OSINT. Strong knowledge of malware analysis
threat intelligence and gap analysis • Analyse endpoint, identity, network and cloud telemetry to uncover detection opportunities and investigative leads • Model attack behaviours using frameworks such as MITRE ATT&CK and propose corresponding detection logic • Support the full detection engineering lifecycle from opportunity identification and modelling through to deployment and tuning • Collaborate with detection engineers to … translate investigative insights into operational detections Skills • Strong analytical and investigative mindset with demonstrable curiosity and attention to detail • Familiarity with common attacker techniques and MITRE ATT&CK mapping • Hands-on experience analysing logs from Defender for Identity, DNS, Windows event logs and endpoint telemetry • Comfortable navigating enterprise-scale environments and understanding host, user and
Wiltshire, England, United Kingdom Hybrid/Remote Options
Focus on SAP
architecture for service mesh deployments across Kubernetes and containerised platforms. Conduct risk assessments and develop mitigation strategies for identified vulnerabilities. Create detailed threat models aligned to MITRE ATT&CK and STRIDE frameworks. Design and review secure API gateway patterns using IBM DataPower. Lead implementation of Zero-Trust, mTLS, RBAC and policy enforcement within service mesh … designing secure architectures for hybrid/multi-cloud environments. Strong background in Zero-Trust, microservices security, and containerised platforms. Experienced in building bespoke threat models using MITRE ATT&CK & STRIDE. Ability to assess security elements of solution designs, constructively challenge, and drive secure outcomes. If you are interested or would like to know more
Hemel Hempstead, Hertfordshire, England, United Kingdom
Fynity
secure client environments Investigating threats using logs, network traffic, and endpoint telemetry Supporting response efforts during live security incidents Improving detection rules, playbooks, and tooling with MITRE ATT&CK-driven enhancements Producing clear incident reports for both technical and non-technical audiences Contributing to threat intelligence initiatives Staying ahead of the curve on emerging threats … To secure this SOC role: Proven experience in a Security Operations Centre (SOC) environment Hands-on knowledge of SIEM tools (Microsoft Sentinel, Splunk, etc.) Familiarity with MITRE ATT&CK and threat detection methodologies Strong analytical mindset with log, endpoint, and network analysis skills Understanding of network protocols (TCP/IP, DNS, HTTP, SMTP) Awareness of
SOC incident queues and support asset baseline maintenance. Prepare reports for technical and non-technical audiences. Collaborate on improving detection rules and use cases aligned with MITRE ATT&CK. Contribute to threat intelligence development and incident documentation. Shift Pattern: 2 days (6am–6pm), 2 nights (6pm–6am), followed by 4 days off. What We’re Looking For … Experience working in a Security Operations Centre. Familiarity with Microsoft Sentinel and Splunk. Understanding of the MITRE ATT&CK framework. Basic knowledge of networking, client-server applications, firewalls, VPNs, and antivirus products. Entry-level cybersecurity certification (e.g., CompTIA Security+, CEH, CPSA). Academic background in cybersecurity or a related subject. Desirable Skills: Programming/scripting
Hemel Hempstead, Hertfordshire, England, United Kingdom
Sopra Steria
key role in safeguarding our organisation’s digital environment. Communications with key business partners is key regarding risks, threats and SOC performance. Familiarity with NIST Cybersecurity, MITRE ATT&CK, Splunk, Sentinel and ISO27001 is vital What you will be doing: Lead, mentor, and develop SOC analysts and incident responders. Provide technical direction, conduct performance reviews … effective shift models. Confident communicator with the ability to translate complex technical risks into clear business impacts for senior stakeholders. Familiarity with NIST Cybersecurity Framework and MITRE ATT&CK. Understanding of ISO 27001 standards and compliance best practices. Working knowledge of the CREST SOC Maturity Model. Experience applying ITIL processes across incident, problem, and change management. It
context and collaborating with hunt teams to refine hypotheses. Conduct threat actor modelling, focusing on motivations, capabilities, and potential business impact. Map threat behaviours using the MITRE ATT&CK framework to support detection engineering. Develop and maintain threat profiles, adversary emulation plans, and attack surface insights. Deliver high quality briefings, reports, and threat assessments to … or penetration testing. Proven ability to collaborate with Red Teams, Blue Teams, and SOC functions. Strong understanding of adversary TTPs, threat modelling, and frameworks such as MITRE ATT&CK. Experience with threat intelligence platforms, SIEM systems, and enrichment tools. Familiarity with Breach and Attack Simulation platforms. Hands on experience with penetration testing tools such as Metasploit, Burp
City of London, London, United Kingdom Hybrid/Remote Options
Futureheads Recruitment | B Corp™