1 to 25 of 149 Remote MITRE ATT&CK Jobs

analysis EDR and anti-malware tools IAM and user access monitoring Email/phishing protection Threat hunting and forensic handling Cloud security (Azure, AWS) Familiar with: MITRE ATT&CK framework SIEM tools and log analysis Security frameworks: ISO 2700x, NIST, ITIL, COBIT, CIS Advantageous: Scripting and automation (PowerShell, Python, APIs) Strong analytical and problem-solving More ❯

Digital Forensics, Incident Response, or Ethical Hacking (e.g., GCIH, CEH, GCFE, GCFA, and CFCE). Knowledge of main concepts related to the Incident Response Life Cycle, MITRE ATT&CK Framework, Cyber Kill Chain, and other cybersecurity frameworks. High-level understanding of common intrusion methods and cyber-attack tactics, techniques, and procedures (TTPs), and common industry More ❯

solutions. Experience with machine learning models for threat detection and behavioral analytics. Hands-on experience with cloud security analytics (AWS, Azure, GCP). Familiarity with NIST, MITRE ATT&CK, and other security frameworks. Soft Skills: Intermediate - Seeks to acquire knowledge in area of specialty Intermediate - Ability to identify basic problems and procedural irregularities, collect data More ❯

solutions. Experience with machine learning models for threat detection and behavioral analytics. Hands-on experience with cloud security analytics (AWS, Azure, GCP). Familiarity with NIST, MITRE ATT&CK, and other security frameworks. Soft Skills: Intermediate - Seeks to acquire knowledge in area of specialty Intermediate - Ability to identify basic problems and procedural irregularities, collect data More ❯

solutions. Experience with machine learning models for threat detection and behavioral analytics. Hands-on experience with cloud security analytics (AWS, Azure, GCP). Familiarity with NIST, MITRE ATT&CK, and other security frameworks. Soft Skills: Intermediate - Seeks to acquire knowledge in area of specialty Intermediate - Ability to identify basic problems and procedural irregularities, collect data More ❯

solutions. Experience with machine learning models for threat detection and behavioral analytics. Hands-on experience with cloud security analytics (AWS, Azure, GCP). Familiarity with NIST, MITRE ATT&CK, and other security frameworks. Soft Skills: Intermediate - Seeks to acquire knowledge in area of specialty Intermediate - Ability to identify basic problems and procedural irregularities, collect data More ❯

solutions. Experience with machine learning models for threat detection and behavioral analytics. Hands-on experience with cloud security analytics (AWS, Azure, GCP). Familiarity with NIST, MITRE ATT&CK, and other security frameworks. Soft Skills: Intermediate - Seeks to acquire knowledge in area of specialty Intermediate - Ability to identify basic problems and procedural irregularities, collect data More ❯

solutions. Experience with machine learning models for threat detection and behavioral analytics. Hands-on experience with cloud security analytics (AWS, Azure, GCP). Familiarity with NIST, MITRE ATT&CK, and other security frameworks. Soft Skills: Intermediate - Seeks to acquire knowledge in area of specialty Intermediate - Ability to identify basic problems and procedural irregularities, collect data More ❯

Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide mentorship and leadership within a SOC team Desirable (Nice-to-Have … advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyber threat developments and contributing to best practices More ❯

Threat Hunting & Detection Engineering - Perform proactive threat hunting using KQL within Microsoft Sentinel. - Develop and fine-tune custom analytics rules, workbooks, and hunting queries. - Apply the MITRE ATT&CK framework to build coverage and improve threat visibility. Security Engineering & Platform Management - Onboard and integrate new data sources into Microsoft Sentinel, ensuring accurate log ingestion and More ❯

responders, and stakeholders to enrich detection capabilities and enhance the organization's overall cybersecurity posture. Key Responsibilities: Analyze, document, and track adversary TTPs using frameworks like MITRE ATT&CK, and integrate findings into threat detection strategies. Produce detailed cyber threat intelligence reports, briefings, and technical advisories for internal and external stakeholders. Fuse data from multiple … in Cyber Threat Intelligence, Threat Hunting, or Incident Response roles In-depth knowledge of adversary TTPs, threat actor profiles, and cyber kill chain methodologies Familiarity with MITRE ATT&CK, Diamond Model, and other CTI frameworks Strong writing, communication, and briefing skills for both technical and executive audiences Experience working with tools such as ThreatConnect, MISP More ❯

responders, and stakeholders to enrich detection capabilities and enhance the organization's overall cybersecurity posture. Key Responsibilities: Analyze, document, and track adversary TTPs using frameworks like MITRE ATT&CK, and integrate findings into threat detection strategies. Produce detailed cyber threat intelligence reports, briefings, and technical advisories for internal and external stakeholders. Fuse data from multiple … in Cyber Threat Intelligence, Threat Hunting, or Incident Response roles In-depth knowledge of adversary TTPs, threat actor profiles, and cyber kill chain methodologies Familiarity with MITRE ATT&CK, Diamond Model, and other CTI frameworks Strong writing, communication, and briefing skills for both technical and executive audiences Experience working with tools such as ThreatConnect, MISP More ❯

and threat modeling for modern web applications. Conduct security reviews of design and architecture documents; lead threat modeling exercises using frameworks such as STRIDE, PASTA, MITRE ATT&CK, and DREAD. Build and refine detection and response capabilities using logs, alerts, and behavioral signals. Lead or support incident response activities, including log analysis, querying, forensic investigation … developers, write clear documentation, and engage stakeholders. Nice to have: Certifications such as OSCP, GCIH, GWAPT, or CISSP. Familiarity with security frameworks such as NIST CSF, MITRE ATT&CK, OWASP ASVS, or ISO 27001. Experience with commercial security tools such as EDR, SIEM, CSPM, CNAPP, vulnerability scanners, bug bounty platforms, WAFs, or compliance automation platforms. More ❯

high- and low-level design documentation Lead configuration of Splunk and associated infrastructure (AWS EC2, S3, SQS, etc.) Drive use case development aligned with CSOC and MITRE ATT&CK framework Attend and represent the project at key technical forums (ADF, TDA, workshops) Deliver improvements to SIEM architecture, use cases, automation, and data enrichment Improve onboarding More ❯

as a point of contact for intrusion analysis, forensics, and incident response queries. Managing ADHOC and regular products during capacity constraints. Knowledge of Cyber Kill Chain, MITRE ATT&CK, and developing new analytics and playbooks. Requirements Technical: 3+ years in Cyber Threat Intelligence, research, and investigation. Experience in incident response and management. Understanding of threats More ❯

sufficient quality for distribution In-depth knowledge of the various techniques and frameworks used within the Cyber Threat Intelligence Domain, Including the Cyber Kill Chain and MITRE ATT&CK Development of new analytics and playbooks that result in creation of new detection rules/analytics Requirements Technical 3+ years’ experience in Cyber Threat Intelligence, and More ❯

sufficient quality for distribution In-depth knowledge of the various techniques and frameworks used within the Cyber Threat Intelligence Domain, Including the Cyber Kill Chain and MITRE ATT&CK Development of new analytics and playbooks that result in creation of new detection rules/analytics Requirements Technical 3+ years' experience in Cyber Threat Intelligence, and More ❯

off the cloud’ using Microsoft Graph API, app registrations, and managed identities. Ability to research and learn new tools and techniques quickly. Good understanding of the MITRE ATT&CK Framework. Strong knowledge of networking concepts and protocols (TCP/IP, UDP, DNS, DHCP, HTTP). Experience in Intrusion Analysis on Windows Devices and Azure Cloud More ❯

and root cause analyses for complex incidents. Experience with SIEM platforms, endpoint detection and response tools, and network traffic analysis. Strong understanding of attack frameworks (e.g. MITRE ATT&CK) and the ability to apply them to threat hunting and incident response. Experience creating detection rules, playbooks, and workflows to improve SOC detection and response efficiency. More ❯

/and trusted external stakeholders. Collaboration and Support • Supporting Security Operations, Threat Hunting, and engineering teams through prioritised intelligence requirements. • Aligning to cyber frameworks such as MITRE ATT&CK, Cyber Kill Chain, Pyramid of Pain, and Diamond Model to contextualise threats. Continuous Learning and Adaptation • Staying current on threat trends, tools, and techniques to ensure … query languages. • Experience of intelligence collection and processing techniques, including OSINT. • Exposure to Structured Analytic Techniques (like ACH) and quantitative methods. • Application of cyber frameworks like MITRE ATT&CK, Cyber Kill Chain, and Diamond Model in pursuit of producing high-quality intelligence. • Assisting with malware triage, including static and dynamic analysis, to identify and mitigate More ❯

of adversary presence within enterprise environments using threat intelligence, telemetry, and hypothesis-driven methods. Design and execute structured threat hunting playbooks based on known TTPs (e.g., MITRE ATT&CK) and emerging threats, enabling consistent, repeatable hunts. Develop code-based playbooks (e.g., Jupyter Notebooks or Python scripts) that integrate threat intelligence, log sources, and detection logic … PowerShell/Bash are a plus. Understanding of DevOps, git. * . * * Analytical Skills - Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) and frameworks like MITRE ATT&CK , Kill Chain, and Diamond Model. Proficiency with SIEM tools (e.g., Splunk, ELK), threat intelligence platforms (e.g., MISP, ThreatConnect), and endpoint detection tools (e.g., EDR/XDR More ❯

firewalls). Analytical Skills: Proficiency in analysing log sources and data normalization using platforms such as Splunk, Elastic, or similar. Frameworks & Methodologies: Deep knowledge of the MITRE ATT&CK framework, Cyber Kill Chain, NIST, and related methodologies. Communication: Excellent verbal and written communication skills, with the ability to work both independently and collaboratively. Desirable Certifications More ❯

DigitalOcean, AWS, or GCP). Deep understanding of key industry frameworks and controls including NIST CSF, CIS CSC, PCI-DSS, Cyber Defense Matrix, ISO 27001, and MITRE ATT&CK. Familiarity with a broad range of security tools and technologies including EDR, SIEM, SWG, CASB, DLP, & IDS/IPS. Preferred certifications: CCSP, CASP+, CISSP, Security+, CEH. Experience with More ❯

as use of Microsoft Graph API, app registrations and managed identities · Ability to quickly research and learn about new tools and techniques · Good working knowledge of MITRE ATT&CK Framework Good working knowledge of networking concepts & protocols (TCP/IP, UDP, DNS, DHCP, HTTP, etc.) · Intrusion Analysis on Windows Devices and Azure Cloud Architecture. · Relevant More ❯

tools (e.g., Terraform, Ansible, PowerShell, Python). • Strong understanding of Agile methodologies, including participation in Scrum, SAFe, or Agile delivery teams. • Familiarity with frameworks such as MITRE ATT&CK, NIST CSF, Zero Trust, and architectural models (e.g., TOGAF, SABSA). Preferred Qualifications • Bachelor's or Master's degree in Cybersecurity, Computer Science, Network Engineering, or More ❯