Kingston Upon Thames, Surrey, United Kingdom Hybrid / WFH Options
Unilever
red team automation Detection Engineering Collaboration: Ability to translate offensive findings into detection logic and partner with SOC teams to improve alerting and response. Threat Modelling & MITRE ATT&CK: Strong understanding of attacker TTPs and ability to map findings to frameworks like MITRE ATT&CK and the Cyber Kill Chain. … red/purple teaming, adversary emulation, and vulnerability exploitation. - Proficiency with tools such as Cobalt Strike, Metasploit, Burp Suite, BloodHound, and custom scripting. - Strong understanding of MITRE ATT&CK, the Cyber Kill Chain, and threat-informed defence. - Experience integrating offensive security into CI/CD pipelines and cloud-native environments. - Relevant certifications (e.g., OSCP, OSCE, CRTO
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Electus Recruitment
Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with MITRE ATT&CK and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within partner meetings. Ability … in a Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with the MITRE ATT&CK Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP … with QRadar. Overview Position: SOC Shift Lead Permanent Location: Hemel Hempstead Salary: From £58K to £65K dependent on experience Keywords: SOC, Security Operations Centre, Sentinel, Splunk, MITRE ATT&CK, SIEM, QRadar Only apply for this role if you currently hold the specific Government Security Clearance or are eligible for Government Security Clearance. Due to the
Lead incident response activities and collaborate with threat intelligence teams Enrich detection logic with contextual threat data Threat Modelling & Use Case Development Conduct threat modelling using MITRE ATT&CK, STRIDE, or Kill Chain frameworks Translate models into actionable SIEM use cases and detection rules Prioritize engineering efforts based on risk and business impact Reporting & Collaboration … query languages (KQL, SPL, AQL) Scripting skills (Python, PowerShell) for automation and enrichment Deep knowledge of threat detection, incident response, and the Cyber Kill Chain Familiarity with MITRE ATT&CK, NIST, and CIS frameworks Understanding of network traffic flows and vulnerability management Exposure to ethical hacking and penetration testing Knowledge of ITIL disciplines (Incident, Problem, Change
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Sopra Steria
Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with MITRE ATT&CK and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within partner meetings. Ability … in a Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with the MITRE ATT&CK Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP
Employment Type: Permanent
Salary: 25 days holidays, 6% Contributory pension, 4 x life Insurance
secure client environments Investigating threats using logs, network traffic, and endpoint telemetry Supporting response efforts during live security incidents Improving detection rules, playbooks, and tooling with MITRE ATT&CK-driven enhancements Producing clear incident reports for both technical and non-technical audiences Contributing to threat intelligence initiatives Staying ahead of the curve on emerging threats … To secure this SOC role: Proven experience in a Security Operations Centre (SOC) environment Hands-on knowledge of SIEM tools (Microsoft Sentinel, Splunk, etc.) Familiarity with MITRE ATT&CK and threat detection methodologies Strong analytical mindset with log, endpoint, and network analysis skills Understanding of network protocols (TCP/IP, DNS, HTTP, SMTP) Awareness of
Hemel Hempstead, Hertfordshire, South East, United Kingdom Hybrid / WFH Options
Sopra Steria
the SOC and incident response teams during active security incidents, providing real-time threat intelligence. Study threat actors' tactics, techniques, and procedures (TTPs) using frameworks like MITRE ATT&CK. Evaluate the potential impact of identified threats on both internal operations and customer environments. Track and document evolving threat trends, vulnerabilities, and attack vectors that could affect our … operations. What you'll bring: Solid grasp of cybersecurity frameworks (e.g., MITRE ATT&CK) and threat analysis methodologies. Excellent analytical skills and the ability to synthesize complex threat data. Proven experience in a Cyber Threat Intelligence role. It would be great if you had: Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field. If
Rickmansworth, Hertfordshire, South East, United Kingdom Hybrid / WFH Options
Senior plc
management, incident response and remediation tools. Strategic development in cyber threat intelligence research, process automation, knowledge sharing and team training. Skilled in using threat frameworks (e.g. MITRE ATT&CK, Cyber Kill Chain). Experienced in using OSINT and security analysis tools (e.g. Shodan, Censys, Qualys, VirusTotal, EDR, AV). Experience supporting incident response or
and recommended mitigation strategies. What you will bring: Experience in a Security Operations Centre. Demonstrable experience of managing Microsoft Sentinel or Splunk implementations. Knowledge and experience with the MITRE ATT&CK Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Deep technical knowledge in the analysis of
Maidenhead, Berkshire, United Kingdom Hybrid / WFH Options
APM Terminals
and playbooks. Identifying lessons learned to improve future incident response and detection strategies. Contribute to development of detection mechanisms for sophisticated adversarial techniques based on the MITRE ATT&CK framework. Purple Teaming and Advanced Testing Support the planning and response of purple teaming activities. Develop scenarios and artifacts that mimic real-world adversary groups for
London, South East, England, United Kingdom Hybrid / WFH Options
QBE Management Services (UK) Limited
response. About you Strong experience across both offensive and defensive cyber security disciplines. Deep understanding of attacker tactics, techniques, and procedures (TTPs), with expertise in the MITRE ATT&CK Framework. Hands-on technical knowledge in cyber detection engineering, security tools, and infrastructure. Skilled in Detection-as-Code and experienced with SIEM query languages. Confident communicator
ensure compliance with and company adherence to relevant regulations and control frameworks e.g. NCSC CAF, ONR SyAPs, ISO 27001. Proven knowledge of adversary TTPs and frameworks like MITRE ATT&CK. Strong incident response, investigation, analysis, logging and reporting skills. Excellent communication and stakeholder management skills with the ability to translate complex technical threats and attack paths to non
london (city of london), south east england, united kingdom
McCabe & Barton
engineering and technology, preferably in Financial Services, Technology, or a related field. Experience analyzing cybersecurity incidents using industry standard frameworks such as the Cyber Kill Chain and MITRE ATT&CK. Experience handling cybersecurity incidents at each stage of the incident lifecycle, including initial analysis, triage, containment, eradication, recovery, and postmortem. Strong knowledge of AWS Security, specifically in areas
Reading, Berkshire, South East, United Kingdom Hybrid / WFH Options
Queen Square Recruitment Limited
/CI/CD security and cloud-native architectures (containers, Kubernetes, Git). Strong knowledge of AI/ML-specific security vulnerabilities (adversarial attacks, data poisoning, prompt injection, MITRE ATLAS). Familiarity with global regulatory frameworks relevant to AI security. Excellent communication skills for engaging both technical and non-technical stakeholders. Esther Urtecho Senior Delivery Consultant London | Bristol