1 to 25 of 55 MITRE ATT&CK Jobs in the UK excluding London

red team automation Detection Engineering Collaboration : Ability to translate offensive findings into detection logic and partner with SOC teams to improve alerting and response. Threat Modelling & MITRE ATT&CK : Strong understanding of attacker TTPs and ability to map findings to frameworks like MITRE ATT&CK and the Cyber Kill Chain. … red/purple teaming, adversary emulation, and vulnerability exploitation. - Proficiency with tools such as Cobalt Strike, Metasploit, Burp Suite, BloodHound, and custom scripting. - Strong understanding of MITRE ATT&CK, cyber kill chain, and threat-informed defense. - Experience integrating offensive security into CI/CD pipelines and cloud-native environments. - Relevant certifications (e.g., OSCP, OSCE, CRTO More ❯

red team automation Detection Engineering Collaboration : Ability to translate offensive findings into detection logic and partner with SOC teams to improve alerting and response. Threat Modelling & MITRE ATT&CK : Strong understanding of attacker TTPs and ability to map findings to frameworks like MITRE ATT&CK and the Cyber Kill Chain. … red/purple teaming, adversary emulation, and vulnerability exploitation. - Proficiency with tools such as Cobalt Strike, Metasploit, Burp Suite, BloodHound, and custom scripting. - Strong understanding of MITRE ATT&CK, cyber kill chain, and threat-informed defense. - Experience integrating offensive security into CI/CD pipelines and cloud-native environments. - Relevant certifications (e.g., OSCP, OSCE, CRTO More ❯

using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate incidents, and improve detection mechanisms. Conduct adversary simulation exercises to test and … minimal levels of supervision. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat Intelligence Analysis Security Analytics & Automation (SOAR, YARA Rules, Sigma Rules) Malware Analysis & Reverse Engineering Network & Endpoint Security Monitoring (EDR, IDS/IPS More ❯

Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP More ❯

Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP More ❯

Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP More ❯

Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP More ❯

Operations Centre (SOC) environment Previous people management or line management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier web environments Relational databases , firewalls , VPNs , enterprise AntiVirus solutions Networking … capability and supporting career progression Enhancing team knowledge across SOC tooling , detection methodologies , and threat triage Analysing and optimising detection rules and use cases based on Mitre Att&ck Maintaining detailed and up-to-date incident documentation , findings, and mitigation strategies Acting as a representative of the SOC in key meetings and internal stakeholder engagements More ❯

secure client environments Investigating threats using logs, network traffic, and endpoint telemetry Supporting response efforts during live security incidents Improving detection rules, playbooks, and tooling with MITRE ATT&CK-driven enhancements Producing clear incident reports for both technical and non-technical audiences Contributing to threat intelligence initiatives Staying ahead of the curve on emerging threats … To secure this SOC role: Proven experience in a Security Operations Centre (SOC) environment Hands-on knowledge of SIEM tools (Microsoft Sentinel, Splunk, etc.) Familiarity with MITRE ATT&CK and threat detection methodologies Strong analytical mindset with log, endpoint, and network analysis skills Understanding of network protocols (TCP/IP, DNS, HTTP, SMTP) Awareness of More ❯

the SOC and incident response teams during active security incidents, providing real-time threat intelligence. Study threat actors tactics, techniques, and procedures (TTPs) using frameworks like MITRE ATT&CK. Evaluating the potential impact of identified threats on both internal operations and customer environments. Track and document evolving threat trends, vulnerabilities, and attack vectors that could affect our … operations. What youll bring: Solid grasp of cybersecurity frameworks (e.g., MITRE ATT&CK) and threat analysis methodologies. Excellent analytical skills and able to synthesize complex threat data. Proven experience in a Cyber Threat Intelligence role. It would be great if you had: ? Bachelors degree in Cybersecurity, Computer Science, Information Technology, or a related field. If More ❯

and recovery. Experience with digital forensics, chain-of-custody procedures, and forensic tools. Awareness of incident response planning and tabletop exercises. Understanding of frameworks such as MITRE ATT&CK, the Lockheed Martin Kill Chain, or the Diamond Model. Ability to perform dynamic malware analysis. Desirable Qualifications & Skills: Certifications such as ECIH, Security+, BTL1, CySA+, SC More ❯

and KQL Strong knowledge of Active Directory, Windows/Linux systems, and cloud platforms (Azure, AWS, GCP) Proficiency in scripting (PowerShell, Python) Familiarity with security frameworks (MITRE ATT&CK, NIST, Kill Chain) Experience with EDR, DLP, Proxy, and SEG tools Desirable Qualifications Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA More ❯

SOC, and the subsequent implementation of an agreed standard to improve this maturity where appropriate. Familiar with the following tools: Microsoft Sentinel Qualys VMDR Tenable VM MITRE ATT&CK Framework Desirable Certifications, Qualifications Experience: Computer Security Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft Security Operations Analyst One of: CREST More ❯

using the ITIL framework. Ability to keep up to date with technology trends and to understand key technical drivers in the industry. Strong understanding of the MITRE ATT&CK and NIST Cybersecurity frameworks. Additional Information Your impact on Radius will be rewarded with the opportunity to develop and progress your career in many directions. You More ❯

enhancing SOC documentation, SOPs, and playbooks Collaborating with cross-functional teams and contributing to security strategy Ensuring security policies align with standards like NIST, ISO 27001, MITRE ATT&CK We're Looking for Someone With: Expert-level SIEM experience (Azure Sentinel highly preferred) Strong knowledge of Kusto Query Language (KQL) Demonstrated experience in cybersecurity incident More ❯

penetration testing, and incident response Requirements for this role: 3+ years' experience in a senior cyber security role Strong knowledge of security frameworks (NIST, NCSC, CIS, MITRE ATT&CK) Hands-on experience with security tools: SIEM, IDS/IPS, firewalls, endpoint protection Expertise in Azure security and securing cloud platforms A solid understanding of vulnerabilities More ❯

etc.) . Familiarity with cloud migration strategies and hybrid logging environments . Strong documentation skills and attention to detail . Experience with security frameworks such as MITRE ATT&CK, NIST, and CAF . Ability to troubleshoot complex ingestion or parsing issues and resolve at speed Essential Skills . Proven experience onboarding and managing log sources More ❯

Security Operations Center (SOC) or similar cybersecurity role. Demonstrable experience with cloud security monitoring and incident response. Familiarity with various attack vectors, threat intelligence frameworks (e.g., MITRE ATT&CK). A cyber/information security related degree and/or relevant cybersecurity qualifications would be beneficial e.g. CompTIA Security+, (ISC) SSCP or CySA+ Interviewing is More ❯

with Microsoft Sentinel, including KQL, custom analytic rules, and automation. Hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365. Strong knowledge of the MITRE ATT&CK framework, threat intelligence, and adversary TTPs. Solid understanding of Windows, Linux, and core network security principles. Skilled in incident response, digital forensics, and proactive threat hunting. More ❯

experience in Security Operations and Incident Response You have experience of performing analysis with SIEM technologies, Splunk preferred You have experience with proactive threat hunting using MITRE ATT&CK or similar frameworks You have a deep understanding of security appliances/tools such as host-based and network-based IDS/IPS, WAF, EDR You More ❯

non-technical stakeholders. Skills/Must have: Proven experience working in a Security Operations Centre. Hands-on experience with Microsoft Sentinel and Splunk. Familiarity with the Mitre ATT&CK framework. Strong understanding of networking fundamentals (TCP/IP, WANs, LANs, common Internet protocols). Knowledge of enterprise-grade security tools such as firewalls, VPNs, AV More ❯

cyber threat intelligence Strong understanding of modern detection and response strategies Familiarity with SOC tooling (Sentinel, Defender, QRadar, Cortex XDR, etc.) Knowledge of threat frameworks like MITRE ATT&CK and NIST Self-starter who can work independently in a lean security function Comfortable driving change and making meaningful improvements in security posture Why Apply? Youll More ❯

PHP, Git, PostgreSQL Cloud security skills, ideally in AWS Understanding of open-source risk management and enterprise tooling Exposure to ITIL service management disciplines Familiarity with MITRE ATT&CK and NIST cybersecurity frameworks Want to hear more or ready to apply? Think this is the role for you or interested in hearing more? Apply or More ❯

management, incident response and remediation tools. Strategic development in cyber threat intelligence research, process automation, knowledge sharing and team training. Skilled in using threat frameworks (e.g. MITRE ATT&CK, Cyber Kill chain). Experienced in using OSINT and security analysis tools (e.g. Shodan, Censys, Qualys, Virus Total, EDR, AV). Experience supporting incident response or More ❯

and recommended mitigation strategies. What you will bring : Experience in Security Operations Centre. Demonstrable experience of Managing Microsoft Sentinel or Splunk implementations. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Deep technical knowledge in the analysis of More ❯