14 of 14 Permanent MITRE ATT&CK Jobs in the City of London

SIEM and EDR tools (Sentinel, Defender, CrowdStrike, etc.) Solid understanding of Windows, Linux, and network security principles Experience with forensic or threat analysis techniques Familiarity with MITRE ATT&CK, NIST, or similar frameworks Desirable Exposure to automation or SOAR tooling PowerShell or Python scripting skills GIAC or Microsoft security certifications This is an opportunity to … SIEM and EDR tools (Sentinel, Defender, CrowdStrike, etc.) * Solid understanding of Windows, Linux, and network security principles * Experience with forensic or threat analysis techniques * Familiarity with MITRE ATT&CK, NIST, or similar frameworks Desirable * Exposure to automation or SOAR tooling * PowerShell or Python scripting skills * GIAC or Microsoft security certifications This is an opportunity to More ❯

activities by providing contextual intelligence and working alongside hunt team members Conduct threat modelling of threat actors, including their capabilities, motivations, and potential impact Leverage the MITRE ATT&CK framework to map threat actor behaviours and support detection engineering Develop and maintain threat profiles, attack surface assessments, and adversary emulation plans Collaborate with global stakeholders … intelligence platforms (TIPs), SIEMs, and threat data enrichment tools Experience using Breach and Attack Simulation (BAS) platforms Strong understanding of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and threat modelling Hands-on experience with penetration testing tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera Experience producing threat reports and More ❯

threat intelligence and gap analysis • Analyse endpoint, identity, network and cloud telemetry to uncover detection opportunities and investigative leads • Model attack behaviours using frameworks such as MITRE ATT&CK and propose corresponding detection logic • Support the full detection engineering lifecycle from opportunity identification and modelling through to deployment and tuning • Collaborate with detection engineers to … translate investigative insights into operational detections Skills • Strong analytical and investigative mindset with demonstrable curiosity and attention to detail • Familiarity with common attacker techniques and MITRE ATT&CK mapping • Hands-on experience analysing logs from Defender for Identity, DNS, Windows event logs and endpoint telemetry • Comfortable navigating enterprise-scale environments and understanding host, user and More ❯

context and collaborating with hunt teams to refine hypotheses. Conduct threat actor modelling, focusing on motivations, capabilities, and potential business impact. Map threat behaviours using the MITRE ATT&CK framework to support detection engineering. Develop and maintain threat profiles, adversary emulation plans, and attack surface insights. Deliver high quality briefings, reports, and threat assessments to … or penetration testing. Proven ability to collaborate with Red Teams, Blue Teams, and SOC functions. Strong understanding of adversary TTPs, threat modelling, and frameworks such as MITRE ATT&CK. Experience with threat intelligence platforms, SIEM systems, and enrichment tools. Familiarity with Breach and Attack Simulation platforms. Hands on experience with penetration testing tools such as Metasploit, Burp More ❯

Science, or equivalent experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise in Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. More ❯

Enterprise Security). Strong experience in SPL (Search Processing Language) and log analysis. Deep understanding of security monitoring, incident response, and threat detection methodologies. Familiarity with MITRE ATT&CK, cyber kill chain, and common attack vectors (phishing, malware, insider threats). Experience with EDR tools (e.g., CrowdStrike, SentinelOne), firewalls, IDS/IPS, and SOAR platforms. More ❯

scripting (e.g., Python, Bash, PowerShell) Experience creating SIEM rules or detection logic Exposure to cloud environments and related attack vectors Knowledge of threat hunting methods and MITRE ATT&CK Interest or experience in cross-functional collaboration (e.g., Threat Intel, Red Teams More ❯

ArcSight) Ability to perform log analysis across network, host, application, and cloud sources Understanding of malware behaviour, attack vectors, and common threat actor techniques Familiarity with MITRE ATT&CK, incident handling frameworks (NIST, SANS) Experience with alert investigation, root-cause analysis, and writing clear incident reports Ability to use EDR tools (CrowdStrike, Carbon Black, SentinelOne More ❯

threat intel teams to refine detections. Skills: Proven experience in SIEM content development & threat detection. Strong expertise with Microsoft Sentinel, Azure & Logic Apps. Deep knowledge of MITRE ATT&CK, attacker TTPs & security principles. Strong analytical & problem-solving skills. More ❯

mitigations Key Skills & Experience: Hands-on experience with Palo Alto Cortex XSOAR or other SOAR platforms Strong knowledge of threat detection and response engineering Familiarity with MITRE ATT&CK framework Proficiency in Python for automation and integration development Experience with query languages (KQL or similar) Understanding of REST APIs and ability to develop and consume More ❯

with Nmap, Nessus, Masscan, Burp Suite, Metasploit, Cobalt Strike, Mimikatz, SQLmap, ScoutSuite, Pacu, etc. Reporting expertise - ability to produce professional pentest reports with CVSS scoring and MITRE ATT&CK mapping for both technical and executive stakeholders. Contract Details: Duration: 6 months (with view to extend) Day Rate: Up to £500 per day (Inside IR35) Location More ❯

analysis tools. Familiarity with scripting languages (Python, Bash, PowerShell). Experience with cloud security monitoring (AWS, Azure, GCP). Knowledge of frameworks such as NIST and MITRE ATT&CK. Qualifications Bachelor’s degree in Cyber Security, IT, or related field. 3–5 years in SOC operations, incident response, or threat intelligence. Practical experience with forensic investigations and More ❯

analysis tools. Familiarity with scripting languages (Python, Bash, PowerShell). Experience with cloud security monitoring (AWS, Azure, GCP). Knowledge of frameworks such as NIST and MITRE ATT&CK. Qualifications Bachelor’s degree in Cyber Security, IT, or related field. 3–5 years in SOC operations, incident response, or threat intelligence. Practical experience with forensic investigations and More ❯

KQL queries, where efficiencies can be gained, best practices and how to build detection logic Highly proficient in Splunk to at least Power User level Good understanding of Mitre Attack framework and experience of referencing and building content to the framework. Familiar with GitHub technologies and CI/CD practices. Good enterprise level understanding of Windows and Linux More ❯