6 of 6 Contract MITRE ATT&CK Jobs in the UK excluding London

hypothesis-driven threat hunting activities across endpoint, network, cloud, identity, and SaaS environments Develop and maintain threat hunting playbooks aligned to MITRE ATT&CK techniques Identify stealthy, low-and-slow, and novel attack patterns not detected by automated controls Translate threat intelligence into actionable hunt … platforms (e.g. Sentinel, Splunk, Elastic) EDR/XDR solutions (e.g. Defender, CrowdStrike, SentinelOne) Network and cloud security telemetry Strong understanding of: MITRE ATT&CK Windows, Linux, and cloud attack techniques Malware behaviours, credential abuse, lateral movement, and persistence mechanisms Leadership & Soft Skills Demonstrated ability ...

escalation playbooks; suggest improvements based on recurring issues or inefficiencies. Threat Awareness: Maintain awareness of current cyber threats, attacker techniques (MITRE ATT&CK), and industry trends relevant to the organisations threat landscape. Essential: 2-4 years of experience in a SOC, IT Operations, or security … Working knowledge of SIEM platforms (e.g. Microsoft sentinel, Splunk, Elastic, QRadar). Desirable: Awareness of security frameworks and methodologies (NIST CSF, MITRE ATT&CK, ISO27001). Qualifications: Desirable: CompTIA Security+, CySA+ or other entry level certification. ...

security tooling (EDR, SIEM, firewalls, identity platforms) at scale Solid understanding of frameworks such as ISO 27001, NCSC guidance, NIST CSF, MITRE ATT&CK Experience managing suppliers, SOC providers, and technical teams Desirable: Relevant certifications (e.g. CISSP, CISM, AZ-500, SC-200) [Cyber Secu...ty Manager ...

data models (ECS/CIM) Develop and tune detection rules using KQL, EQL, and SPL Drive detection engineering lifecycle aligned to MITRE ATT&CK Implement automation, CI/CD, and Infrastructure as Code for SIEM platforms Ensure platform performance, scalability, and resilience (HA/ ...

data models (ECS/CIM) Develop and tune detection rules using KQL, EQL, and SPL Drive detection engineering lifecycle aligned to MITRE ATT&CK Implement automation, CI/CD, and Infrastructure as Code for SIEM platforms Ensure platform performance, scalability, and resilience (HA/ ...

during both day to day operations and during security incidents. - A good understanding of the incident response lifecycle, common attack techniques (MITRE ATT&CK), and how incident response processes integrate with threat detection, monitoring, and wider security operations. ...