2 of 2 Permanent Tradecraft Jobs in the Thames Valley

including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security event life cycle, including detection, investigation, and incident management ...

they manifest in logs and telemetry * Familiarity with MITRE ATT&CK framework * Evidence of staying up to date with: o Emerging threats o Adversary tradecraft o Defensive techniques ________________________________________ Incident Handling & Investigation * Experience handling security incidents through: o Detection and triage o Investigation and analysis o Handover to Incident Response teams ...