13 of 13 MITRE ATT&CK Jobs in the Midlands

log parsing, and agent deployment. Detection Engineering & Threat Rules: Develop and tune custom detection rules using ESQL, EQL, and Lucene syntax to identify malicious activity. Use MITRE ATT&CK-aligned techniques and contribute to the design of the detection roadmap. Create and maintain bespoke investigation guides to assist SOC analysts in conducting triage and escalation. … during client interactions and project reviews. Desirable Skills and Experience Prior experience in Defence, Government, or Critical National Infrastructure environments. Familiarity with security frameworks such as MITRE ATT&CK, NIST CSF, or ISO 27001 including how to map TTP's to Rule coverage. Experience with SOAR or SIEM enrichment tools (e.g., TheHive, MISP, Cortex). More ❯

Digital Forensics, Incident Response, or Ethical Hacking (e.g., GCIH, CEH, GCFE, GCFA, and CFCE). Knowledge of main concepts related to the Incident Response Life Cycle, MITRE ATT&CK Framework, Cyber Kill Chain, and other cybersecurity frameworks. High-level understanding of common intrusion methods and cyber-attack tactics, techniques, and procedures (TTPs), and common industry More ❯

OpenTelemetry, and scripting. Security Use Cases & Threat Detection Build and maintain SIEM use cases, alerts, and dashboards for threat detection. Map detection rules to frameworks like MITRE ATT&CK, STRIDE, and NIST CSF. Collaborate with SOC teams to refine incident response workflows. Governance & Compliance Align SIEM architecture with Secure by Design and Zero Trust principles. More ❯

and executing security assessments and incident response exercises in OT/ICS environments Developing and implementing attack scenarios and detection use cases using frameworks such as MITRE ATT&CK for ICS Performing vulnerability assessments, threat modelling and attack path analysis to identify and address security weaknesses Supporting risk assessments and compliance against standards such as More ❯

developing security reports, trends, and metrics analysis. Experience with the application of some of the following frameworks - SANS, NIST 800-61, CVSS, CIS, OSSTM, ISO 27001, MITRE ATT&CK, PCI, HIPAA, GDPR or similar. Experience with cloud security practices Experience with business and technical requirements analysis, business process modeling/mapping, methodology development, and data More ❯

.- Knowledge of security compliance, including access controls, authentication, and encryption using Elastic Security features.- Ability to create, test, and optimise detection rules based on the MITRE ATT&CK Framework.- Experience in performance tuning with Elasticsearch and Logstash, including monitoring Logstash pipelines.- Proficiency in using Kibana for data visualisation and monitoring. Advantageous:- Familiarity with offensive More ❯

experience in threat modelling complex infrastructures. Strong background in operational security (e.g., Threat Hunting, Red Team, or Intelligence). Familiarity with threat modelling frameworks (STRIDE, PASTA, MITRE ATT&CK, etc.). Knowledge of secure design principles and architecture reviews. Exposure to telecoms environments is highly desirable. Ability to work independently and meet tight deadlines. If More ❯

of the Elastic Stack (ELK) , with a focus on Elastic Security . Detection & Compliance Expert: Proven ability to engineer high-fidelity detection rules based on the MITRE ATT&CK Framework , alongside implementing essential security controls like RBAC, encryption , and data governance to ensure regulatory compliance. Performance & Tuning Specialist: Deep technical skill in fine-tuning Elasticsearch More ❯

reviews. Strong background in cybersecurity, ideally with exposure to telecoms environments. Background in operational security (Intelligence, Threat Hunting or Red Team) Familiarity with threat modelling frameworks, (MITRE ATT&CK, STRIDE, PASTA etc) Ability to drive work to tight timescales and deadlines. Ability to work independently and manage priorities in a dynamic environment. All profiles will More ❯

reviews. Strong background in cybersecurity, ideally with exposure to telecoms environments. Background in operational security (Intelligence, Threat Hunting or Red Team) Familiarity with threat modelling frameworks, (MITRE ATT&CK, STRIDE, PASTA etc) Ability to drive work to tight timescales and deadlines. Ability to work independently and manage priorities in a dynamic environment. All profiles will More ❯

reviews. * Strong background in cybersecurity, ideally with exposure to telecoms environments. * Background in operational security (Intelligence, Threat Hunting or Red Team) * Familiarity with threat modelling frameworks, (MITRE ATT&CK, STRIDE, PASTA etc) * Ability to drive work to tight timescales and deadlines. * Ability to work independently and manage priorities in a dynamic environment. What you need More ❯

reviews. * Strong background in cybersecurity, ideally with exposure to telecoms environments. * Background in operational security (Intelligence, Threat Hunting or Red Team) * Familiarity with threat modelling frameworks, (MITRE ATT&CK, STRIDE, PASTA etc) * Ability to drive work to tight timescales and deadlines. * Ability to work independently and manage priorities in a dynamic environment. What you need More ❯

in cybersecurity, ideally with exposure to telecoms environments. Experience in operational security (Intelligence, Threat Hunting, or Red Team). Familiarity with threat modelling frameworks such as MITRE ATT&CK, STRIDE, or PASTA. Ability to drive work to tight timescales and meet deadlines. Demonstrated ability to work independently and manage priorities in a dynamic environment. If More ❯