19 of 19 MITRE ATT&CK Jobs in the Midlands

using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate incidents, and improve detection mechanisms. Conduct adversary simulation exercises to test and … operations or on call. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat Intelligence Analysis Security Analytics & Automation (SOAR, YARA Rules, Sigma Rules) Malware Analysis & Reverse Engineering Network & Endpoint Security Monitoring (EDR, IDS/IPS More ❯

Digital Forensics, Incident Response, or Ethical Hacking (e.g., GCIH, CEH, GCFE, GCFA, and CFCE). Knowledge of main concepts related to the Incident Response Life Cycle, MITRE ATT&CK Framework, Cyber Kill Chain, and other cybersecurity frameworks. High-level understanding of common intrusion methods and cyber-attack tactics, techniques, and procedures (TTPs), and common industry More ❯

DevSecOps, IaC (Terraform), CI/CD pipelines, and tools like Veracode, Trivy, and Checkov. Familiarity with standards such as CIS, NIST, GDPR, ISO and frameworks like MITRE ATT&CK. Strong programming/scripting skills (Python, Go, Groovy) with a clean, secure coding ethos. Ideal Candidate Profile: Expert in Azure cloud security services (Defender for Cloud, Azure Sentinel More ❯

Deep hands-on experience with Microsoft Security technologies. Proven track record in automation, Gen AI, or vulnerability management (especially Qualys). Strong grasp of security frameworks (MITRE ATT&CK, NIST, ISO 27001). Strategic mindset with the ability to communicate clearly across technical and non-technical audiences. A passion for innovation, mentoring, and staying ahead More ❯

compliance with data protection regulations. Detection Rule Development: Ability to create, test, and optimise detection rules to identify suspicious activities and potential threats based on the MITRE ATT&CK Framework Performance Tuning with Elasticsearch and Logstash: Fine-tune query performance using Elasticsearch indices and mappings. Monitor Logstash pipelines and optimize resource utilization. Kibana Visualization and More ❯

critical infrastructure. Proficiency with platforms such as Microsoft Defender for Endpoint, SentinelOne, Trellix, or other EDR solutions. Familiarity with SIEM tools and frameworks like NIST and MITRE ATT&CK. Knowledge of standards such as NERC CIP, CIS Benchmarks, NIST SP 800-82. Scripting and automation skills (PowerShell, Python, Bash). Understanding of cyber threats in the More ❯

DevSecOps, IaC (Terraform), CI/CD pipelines and tools like Veracode, Trivy and Checkov. Familiarity with standards such as CIS, NIST, GDPR, ISO and frameworks like MITRE ATT&CK. Strong programming/scripting skills (Python, Go, Groovy) with a clean, secure coding ethos. Microsoft Azure Security Engineer Associate or AWS equivalent is essential, along with Cyber Essentials More ❯

technical concepts to different audiences both verbally and in writing. Familiar with analytic techniques and common frameworks such as Cyber Kill Chain Model, Diamond Model, and MITRE ATT&CK Matrix, and a background using these methodologies/frameworks during intelligence gathering and analysis activities. Work analytically and critically and produce analysis that is repeatable and More ❯

the following technical competencies: Solid grounding in OS and network fundamentals (Linux, Windows, Mac, TCP/IP stack). Knowledge of common attack techniques and mitigations (MITRE ATT&CK, OWASP Top 10). Familiarity with scripting and automation using Python, Bash, or PowerShell. Strong understanding of Active Directory attack chains and common privilege escalation paths. More ❯

The skills you'll need • Good understanding of Cyber Security Principles • Endpoint Detection and Response (EDR) security tooling (CrowdStrike) • Network Detection and Response (NDR) security tooling • Understanding the Mitre Attack framework • Good understanding of networks and protocols • Windows server knowledge • Linux server knowledge including containers • Public Cloud (AWS, Azure and GCP) understanding • Happy to work occasionally Out of More ❯

and learner success throughout the training programme Experience Required: Experience delivering cyber security training (SOC-focused delivery preferred) Familiar with tools and frameworks such as SIEM, MITRE ATT&CK, ELK, and endpoint/network forensics Comfortable delivering to diverse learners (remote or classroom-based) Strong communication, mentoring, and instructional skills OffSec Instructor Certification or willingness More ❯

and learner success throughout the training programme Experience Required: Experience delivering cyber security training (SOC-focused delivery preferred) Familiar with tools and frameworks such as SIEM, MITRE ATT&CK, ELK, and endpoint/network forensics Comfortable delivering to diverse learners (remote or classroom-based) Strong communication, mentoring, and instructional skills OffSec Instructor Certification or willingness More ❯

and learner success throughout the training programme Experience Required: Experience delivering cyber security training (SOC-focused delivery preferred) Familiar with tools and frameworks such as SIEM, MITRE ATT&CK, ELK, and endpoint/network forensics Comfortable delivering to diverse learners (remote or classroom-based) Strong communication, mentoring, and instructional skills OffSec Instructor Certification or willingness More ❯

and learner success throughout the training programme Experience Required: Experience delivering cyber security training (SOC-focused delivery preferred) Familiar with tools and frameworks such as SIEM, MITRE ATT&CK, ELK, and endpoint/network forensics Comfortable delivering to diverse learners (remote or classroom-based) Strong communication, mentoring, and instructional skills OffSec Instructor Certification or willingness More ❯

and learner success throughout the training programme Experience Required: Experience delivering cyber security training (SOC-focused delivery preferred) Familiar with tools and frameworks such as SIEM, MITRE ATT&CK, ELK, and endpoint/network forensics Comfortable delivering to diverse learners (remote or classroom-based) Strong communication, mentoring, and instructional skills OffSec Instructor Certification or willingness More ❯

and learner success throughout the training programme Experience Required: Experience delivering cyber security training (SOC-focused delivery preferred) Familiar with tools and frameworks such as SIEM, MITRE ATT&CK, ELK, and endpoint/network forensics Comfortable delivering to diverse learners (remote or classroom-based) Strong communication, mentoring, and instructional skills OffSec Instructor Certification or willingness More ❯

and learner success throughout the training programme Experience Required: Experience delivering cyber security training (SOC-focused delivery preferred) Familiar with tools and frameworks such as SIEM, MITRE ATT&CK, ELK, and endpoint/network forensics Comfortable delivering to diverse learners (remote or classroom-based) Strong communication, mentoring, and instructional skills OffSec Instructor Certification or willingness More ❯

and learner success throughout the training programme Experience Required: Experience delivering cyber security training (SOC-focused delivery preferred) Familiar with tools and frameworks such as SIEM, MITRE ATT&CK, ELK, and endpoint/network forensics Comfortable delivering to diverse learners (remote or classroom-based) Strong communication, mentoring, and instructional skills OffSec Instructor Certification or willingness More ❯

no legacy systems in place!! We're looking for experience in: Threat hunting and incident response in complex environments Tracking and analysing TTPs using frameworks like MITRE ATT&CK Creating intelligence-led hunts and sharing actionable insights Cloud platforms (Azure, AWS, M365), Windows telemetry & endpoint visibility Strong reporting, stakeholder communication Details: Location: West Midlands (Hybrid More ❯