City of London, London, United Kingdom Hybrid / WFH Options
Iceberg
integrate with security monitoring frameworks. Develop and oversee vulnerability management programs, ensuring alignment with industry standards. Provide subject matter expertise on cyber security frameworks, including NIST, MITRE ATT&CK, and Kill Chain methodologies. About You: Proven experience in Cyber Security, with a focus on incident response, security monitoring, and threat intelligence. Strong knowledge of security … tools and network protocol analysis (e.g., Wireshark). Familiarity with cloud security assessments and industry benchmarks such as CIS. Experience with security frameworks such as NIST, MITRE ATT&CK, and the Cyber Kill Chain. Certifications such as GCIA, GCIH, or GCFA are highly desirable. Package: £70,000 - £75,000 Junior £80,000 - £90,000 Senior
London, South East England, United Kingdom Hybrid / WFH Options
Iceberg
integrate with security monitoring frameworks. Develop and oversee vulnerability management programs, ensuring alignment with industry standards. Provide subject matter expertise on cyber security frameworks, including NIST, MITRE ATT&CK, and Kill Chain methodologies. About You: Proven experience in Cyber Security, with a focus on incident response, security monitoring, and threat intelligence. Strong knowledge of security … tools and network protocol analysis (e.g., Wireshark). Familiarity with cloud security assessments and industry benchmarks such as CIS. Experience with security frameworks such as NIST, MITRE ATT&CK, and the Cyber Kill Chain. Certifications such as GCIA, GCIH, or GCFA are highly desirable. Package: £70,000 - £75,000 Junior £80,000 - £90,000 Senior
Slough, South East England, United Kingdom Hybrid / WFH Options
Iceberg
integrate with security monitoring frameworks. Develop and oversee vulnerability management programs, ensuring alignment with industry standards. Provide subject matter expertise on cyber security frameworks, including NIST, MITRE ATT&CK, and Kill Chain methodologies. About You: Proven experience in Cyber Security, with a focus on incident response, security monitoring, and threat intelligence. Strong knowledge of security … tools and network protocol analysis (e.g., Wireshark). Familiarity with cloud security assessments and industry benchmarks such as CIS. Experience with security frameworks such as NIST, MITRE ATT&CK, and the Cyber Kill Chain. Certifications such as GCIA, GCIH, or GCFA are highly desirable. Package: £70,000 - £75,000 Junior £80,000 - £90,000 Senior
London (City of London), South East England, United Kingdom Hybrid / WFH Options
Iceberg
integrate with security monitoring frameworks. Develop and oversee vulnerability management programs, ensuring alignment with industry standards. Provide subject matter expertise on cyber security frameworks, including NIST, MITRE ATT&CK, and Kill Chain methodologies. About You: Proven experience in Cyber Security, with a focus on incident response, security monitoring, and threat intelligence. Strong knowledge of security … tools and network protocol analysis (e.g., Wireshark). Familiarity with cloud security assessments and industry benchmarks such as CIS. Experience with security frameworks such as NIST, MITRE ATT&CK, and the Cyber Kill Chain. Certifications such as GCIA, GCIH, or GCFA are highly desirable. Package: £70,000 - £75,000 Junior £80,000 - £90,000 Senior
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Sopra Steria
Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP
Employment Type: Permanent
Salary: 25 days holidays, 6% Contributory pension, 4 x life Insurance
Hemel Hempstead, Hertfordshire, England, United Kingdom
Sopra Steria
Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP
Key Responsibilities: Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection … content (e.g. SIEM rules, correlation searches and detection-as-code signatures) to proactively identify malicious behaviour and improve threat visibility and reduce false positives. Familiarity with MITRE ATT&CK framework and threat detection lifecycle.
process to facilitate a proactive approach to management of the risk landscape presented to SSENT, utilising industry resources to monitor changes in the threat profile e.g. MITRE ATT&CK framework. • Assist in the creation and submission of reporting to effectively convey outputs of risk and control assessments to meet our regulatory and legal obligations. Work … tools and applications. Knowledge of security management frameworks would be beneficial; for example, ISO/IEC 27001/2 Standards, ITIL, NIST Cybersecurity Framework, NCSC CAF, MITRE ATT&CK framework, etc. The ability to work collaboratively across multiple disciplines and with a diverse group of colleagues ensuring collective accountability and individual responsibility for task ownership.
secure client environments Investigating threats using logs, network traffic, and endpoint telemetry Supporting response efforts during live security incidents Improving detection rules, playbooks, and tooling with MITRE ATT&CK-driven enhancements Producing clear incident reports for both technical and non-technical audiences Contributing to threat intelligence initiatives Staying ahead of the curve on emerging threats … To secure this SOC role: Proven experience in a Security Operations Centre (SOC) environment Hands-on knowledge of SIEM tools (Microsoft Sentinel, Splunk, etc.) Familiarity with MITRE ATT&CK and threat detection methodologies Strong analytical mindset with log, endpoint, and network analysis skills Understanding of network protocols (TCP/IP, DNS, HTTP, SMTP) Awareness of
complex cyber risk environment. In this role, you will: Lead and grow a high-performing CTI team, building capabilities in line with leading frameworks such as MITRE ATT&CK and the Diamond Model. Oversee the full intelligence lifecycle — from requirement generation to collection, analysis, and reporting. Deliver high-quality threat intelligence services to clients, including … knowledge of nation-state campaigns, cybercrime ecosystems, and structured analytical techniques. Hands-on experience with STIX/TAXII, TIP/SIEM integration, and frameworks such as MITRE ATT&CK. Current or eligible for SC/DV clearance. CREST CTI Manager or equivalent certification. Desirable skills: Experience in intelligence-led threat modelling, adversary tracking, and malware/infrastructure
City of London, London, United Kingdom Hybrid / WFH Options
Anson Mccade
tools (e.g., Logic Apps, XSOAR). Threat Detection & Response: Investigate alerts, enrich detection logic with threat intel, coordinate incident response. Threat Modelling & Use Case Development: Apply MITRE ATT&CK, STRIDE, and Kill Chain frameworks to build detection use cases. Reporting & Collaboration: Build security dashboards, produce reporting packs, and guide junior analysts and engineers. Client & Project … preferred). Strong knowledge of log parsing, SIEM query languages (KQL, SPL, AQL), and automation with Python/PowerShell. Deep understanding of incident response, threat detection, and frameworks (MITRE, NIST, CIS). Knowledge of vulnerability scanning, penetration testing, and network traffic analysis. Familiarity with ITIL processes (Incident, Problem, Change). Excellent stakeholder communication, with the ability to mentor
SOC, and the subsequent implementation of an agreed standard to improve this maturity where appropriate. Familiar with the following tools: Microsoft Sentinel Qualys VMDR Tenable VM MITRE ATT&CK Framework Desirable Certifications, Qualifications Experience: Computer Security Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft Security Operations Analyst One of: CREST
focused on delivering cyber threat intelligence, incident response, and cyber defence services. Design and implement CTI strategies, operational frameworks, and tooling, including alignment with models like MITRE ATT&CK and threat intelligence platforms (TIPs). Lead threat actor monitoring, oversee the full intelligence lifecycle, and foster relationships with external intelligence-sharing networks. Deliver clear, actionable
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Hamilton Barnes Associates Limited
non-technical stakeholders. Skills/Must have: Proven experience working in a Security Operations Centre. Hands-on experience with Microsoft Sentinel and Splunk. Familiarity with the Mitre ATT&CK framework. Strong understanding of networking fundamentals (TCP/IP, WANs, LANs, common Internet protocols). Knowledge of enterprise-grade security tools such as firewalls, VPNs, AV
Rickmansworth, Hertfordshire, South East, United Kingdom Hybrid / WFH Options
Senior plc
management, incident response and remediation tools. Strategic development in cyber threat intelligence research, process automation, knowledge sharing and team training. Skilled in using threat frameworks (e.g. MITRE ATT&CK, Cyber Kill Chain). Experienced in using OSINT and security analysis tools (e.g. Shodan, Censys, Qualys, VirusTotal, EDR, AV). Experience supporting incident response or
Manchester, North West, United Kingdom Hybrid / WFH Options
VIQU IT Recruitment
work independently and collaboratively to achieve objectives. Previous experience within a Security Operations role. In-depth understanding of the cyber threat landscape, adversary tactics, and the MITRE ATT&CK framework. Knowledge of cloud environments and SaaS applications such as AWS, Azure, Office 365, and Defender. Ability to work under pressure and make informed judgment calls.
Greater Manchester, Lancashire, England, United Kingdom Hybrid / WFH Options
VIQU IT Recruitment
work independently and collaboratively to achieve objectives. Previous experience within a Security Operations role. In-depth understanding of the cyber threat landscape, adversary tactics, and the MITRE ATT&CK framework. Knowledge of cloud environments and SaaS applications such as AWS, Azure, Office 365, and Defender. Ability to work under pressure and make informed judgment calls.
Central London, London, United Kingdom Hybrid / WFH Options
Ashdown Group
must have demonstrable expertise with monitoring and securing enterprise class technology estates. You will have proven experience with Cyber Security best practice including remediations for the MITRE ATT&CK Framework and NIST Cloud Security guidelines. You will support ISO 27001 compliance and have strong documentation skills. Experience in the Telco sector and knowledge of the
Manchester, North West, United Kingdom Hybrid / WFH Options
IBEX RECRUITMENT LTD
cyber threat intelligence Strong understanding of modern detection and response strategies Familiarity with SOC tooling (Sentinel, Defender, QRadar, Cortex XDR, etc.) Knowledge of threat frameworks like MITRE ATT&CK and NIST Self-starter who can work independently in a lean security function Comfortable driving change and making meaningful improvements in security posture Why Apply? You'll
London, South East, England, United Kingdom Hybrid / WFH Options
Client Server Ltd
experience in Security Operations and Incident Response You have experience of performing analysis with SIEM technologies, Splunk preferred You have experience with proactive threat hunting using MITRE ATT&CK or similar frameworks You have a deep understanding of security appliances/tools such as host-based and network-based IDS/IPS, WAF, EDR You
Farnborough, Hampshire, South East, United Kingdom
Sopra Steria
and recommended mitigation strategies. What you will bring: Experience in Security Operations Centre. Demonstrable experience of Managing Microsoft Sentinel or Splunk implementations. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Deep technical knowledge in the analysis of
Employment Type: Permanent
Salary: 25 days holidays, 6% Contributory pension, 4 x life Insurance