1 to 25 of 44 MITRE ATT&CK Jobs in the UK

reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced … experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security ...

cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules to improve signal-to-noise ratio Validate detection logic through simulations, threat emulation … platforms and query languages (e.g. SPL, KQL) Solid understanding of detection engineering principles, data modelling, and regex Proven experience working with MITRE ATT&CK and threat-informed defence strategies Ability to design scalable and maintainable detection content in complex environments Strong documentation and stakeholder communication ...

escalation playbooks; suggest improvements based on recurring issues or inefficiencies. Threat Awareness: Maintain awareness of current cyber threats, attacker techniques (MITRE ATT&CK), and industry trends relevant to the organisations threat landscape. Essential: 2-4 years of experience in a SOC, IT Operations, or security … Working knowledge of SIEM platforms (e.g. Microsoft sentinel, Splunk, Elastic, QRadar). Desirable: Awareness of security frameworks and methodologies (NIST CSF, MITRE ATT&CK, ISO27001). Qualifications: Desirable: CompTIA Security+, CySA+ or other entry level certification. ...

cyber security incidents Use EDR and SIEM tooling to investigate, contain, and remediate threats Map detection and response activities to the MITRE ATT&CK framework SOAR & Automation Design and implement SOAR workflows to automate response actions Reduce manual analyst effort and improve mean-time … Solid understanding of networking concepts and protocols Experience securing cloud environments (AWS and/or Azure) Strong working knowledge of the MITRE ATT&CK framework Desirable Experience 2+ years using Vulnerability Assessment tools Exposure to penetration testing and web application security testing ...

capabilities • Act as senior decision-maker during major incidents and crisis situations • Develop and implement SOC use cases aligned to the MITRE ATT&CK framework • Drive continuous improvement across SOC processes, tooling, and playbooks • Collaborate with Security Engineering to optimise detection pipelines • Build strong relationships … effectively in high-pressure situations Technical skills • SIEM platforms — Sentinel, Splunk, Elastic or similar • SOC operations, detection engineering, and security tooling • MITRE ATT&CK framework and use case development • Demonstrated ability to operate effectively in high-pressure situations • Security pipelines, integrations, and emerging AI/ ...

Score remediation Vulnerability Management Tools such as Tenable , Pentera , Varonis , Secure Score Experience coordinating remediation with technical teams Frameworks & Security Models MITRE ATT&CK, OWASP Top 10 Exposure to zero-trust principles Understanding of encryption, certificate management, secrets management Scripting & Automation PowerShell (essential) Python ...

optimise complex queries to support threat detection, proactive threat hunting, and anomaly identification Map detection logic to adversary behaviours using the MITRE ATT&CK Framework, ensuring effective coverage of tactics, techniques, and procedures Work with the wider Splunk ecosystem, including tools like TrackMe, and contribute ...

optimise complex queries to support threat detection, proactive threat hunting, and anomaly identification Map detection logic to adversary behaviours using the MITRE ATT&CK Framework, ensuring effective coverage of tactics, techniques, and procedures Work with the wider Splunk ecosystem, including tools like TrackMe, and contribute ...

SIEM, SOAR, EDR, IDS/IPS, firewalls, and cloud-native security tooling. Knowledge of cyber security frameworks such as NIST CSF, MITRE ATT&CK, ISO 27001, or CIS Controls. Demonstrated expertise in incident response and threat management. Experience working in hybrid cloud environments (Azure ...

similar cyber defence environment Demonstrable leadership or team management within an operational setting Strong knowledge of industry frameworks such as MITRE ATT&CK, D3FEND or ENGAGE Proficiency with SIEM platforms and security analytics tooling Strong analytical mindset with an innovative approach to problem-solving Desirable ...

intelligence platforms Practical experience handling security incidents, threat hunting, and investigations Solid understanding of attacker tactics, techniques, and frameworks such as MITRE ATT&CK Proven experience working with clients in a consultative or advisory capacity Background working within an MSSP environment Desirable CISSP, CISM, GIAC ...

intelligence platforms Practical experience handling security incidents, threat hunting, and investigations Solid understanding of attacker tactics, techniques, and frameworks such as MITRE ATT&CK Proven experience working with clients in a consultative or advisory capacity Background working within an MSSP environment Desirable CISSP, CISM, GIAC ...

Security Operations environments * Hands-on experience with SIEM platforms and vulnerability management tools * Experience with EDR technologies and knowledge of the MITRE ATT&CK framework * Experience with security use case development and log source onboarding * Good understanding of network security, IAM and operating systems * Knowledge ...

SIEM platforms, specifically Splunk Enterprise & Enterprise Security and Elastic Stack/Elastic Security Deep knowledge of detection engineering, threat intelligence frameworks (MITRE ATT&CK), and noise reduction techniques Hands-on experience with data ingestion tools such as Elastic Agent, Beats, Splunk UF/HF, Syslog ...

Splunk experience, including SPL development and Splunk ES administration Solid understanding of network protocols, cloud environments (AWS/Azure), and the MITRE ATT&CK framework Experience with vulnerability assessment tools (2+ years desirable) Exposure to penetration testing or web application security testing Desirable Certifications Security ...

managing Splunk Enterprise Security (ES). Technical Breadth: Strong understanding of network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK framework. Additional Skills: Experience with Vulnerability Assessment (VA) tools, Penetration Testing, and Web Application Testing is a significant bonus. Desired Qualifications: Mandatory ...

managing Splunk Enterprise Security (ES). Technical Breadth: Strong understanding of network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK framework. Additional Skills: Experience with Vulnerability Assessment (VA) tools, Penetration Testing, and Web Application Testing is a significant bonus. Desired Qualifications: Mandatory ...

managing Splunk Enterprise Security (ES). Technical Breadth: Strong understanding of network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK framework. Vulnerability Assessment: 2+ years using VA tools would be a bonus Penetration Testing: Exposure to Penetration Testing and Web Application Testing. ...

managing Splunk Enterprise Security (ES). Technical Breadth: Strong understanding of network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK framework. Vulnerability Assessment: 2+ years using VA tools would be a bonus Penetration Testing: Exposure to Penetration Testing and Web Application Testing. ...

Insight, Discover) Strong Splunk expertise, including SPL and Enterprise Security (ES) Solid understanding of: Network protocols Cloud security (AWS/Azure) MITRE ATT&CK framework Additional desirable experience: Vulnerability Assessment tools Penetration Testing/Web Application Testing exposure Security policy and standards development Certifications (Desirable ...

cloud-native security controls. Strong general Cyber Security Knowledge. In-depth knowledge of common threats, attacker tools and techniques and MITRE ATT&CK is advantageous. Familiarity with functionality of common security toolsets (such as SIEM and EDR); previous experience in configuring or managing is advantageous. ...

Advanced Splunk/Splunk ES experience, including strong SPL capability Solid understanding of networking, cloud security (AWS/Azure), and the MITRE ATT&CK framework Experience with vulnerability management, penetration testing, or web application testing is advantageous ...

managing Splunk Enterprise Security (ES). Technical Breadth: Strong understanding of network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK Vulnerability Assessment : 2+ years using VA tools would be a bonus Penetration Testing : Exposure to Penetration Testing and Web Application Testing. ...

Splunk Enterprise Security (ES) Splunk Certified Cybersecurity Defence Engineer (MANDATORY) Strong understanding of: Network security & protocols Cloud security (AWS/Azure) MITRE ATT&CK framework Desirable Experience Vulnerability Assessment tools (2+ years preferred) Exposure to Penetration Testing/Web Application Testing Experience developing security policies ...

similar. Strong knowledge of network security, threat detection, and incident response. Experience analysing malware, security alerts, and attack patterns. Understanding of MITRE ATT&CK framework and its application in threat detection and mitigation. Experience working with EDR tools and endpoint security technologies. Knowledge of firewalls ...