Welwyn Garden City. Employment: Contract (3 months). Rate: £600/Day Inside. THE ROLE: To design, develop and maintain high-quality detection logic aligned with the MITRE ATT&CK framework. The role involves close collaboration with SOC analysts, incident responders and threat intelligence teams to develop high-impact, context-rich use cases across Windows, Linux … thinking and strong content development skills to ensure detections are both effective and operationally relevant. KEY RESPONSIBILITIES: Design, develop, and maintain robust detection content aligned to MITRE ATT&CK and threat-led priorities. Build and optimise detection queries using KQL, applying efficiency and best practices in logic construction. Support the full detection engineering lifecycle, including … to optimise query performance and maintain clarity of logic. Demonstrated experience with detection-as-code practices using GitHub or similar version control platforms. Deep understanding of MITRE ATT&CK, threat actor TTPs, and translating them into detection use cases. Familiarity with enterprise logging, data onboarding, and schema normalisation. Working knowledge of Sentinel, Defender for Endpoint
scripting tools in cloud environments is a plus. Cloud Security skills (desired): Secure software development practices, including SecDevOps. Sound knowledge of applicable frameworks & standards, including OWASP, MITRE ATT&CK & D3FEND, CIS, NIST CSF, CSA CCM & ISO 27107. Relevant industry certifications including CSCP. Understanding of cyber risk frameworks or industry standards such as 800-53, ISO … among others. Sound knowledge of applicable laws, compliance regulations, and industry standards as they relate to privacy, security, and compliance. Sound knowledge of applicable frameworks, including MITRE ATT&CK & D3FEND, CIS, NIST CSF, CSA CCM. Strong communication and presentation skills. Cyber Risk Management skills (desired): Experience in threat modelling & application security risk assessments, secure software
and tuning detection rules and use cases in SIEM and EDR platforms. Monitoring and investigating security alerts to identify potential threats. Conducting proactive threat hunting using MITRE ATT&CK and threat intelligence sources. Collaborating with incident response teams to support investigations and containment. Enhancing detection coverage across network, endpoint, cloud, and identity sources. Developing automation … detection rule development using query languages (e.g. ESQL, KQL, Lucene), and practical understanding of log sources across network, endpoint, cloud, and identity platforms. Solid knowledge of MITRE ATT&CK, threat actor tactics, and experience in incident detection, triage, and analysis within a SOC or similar environment. Desirable Criteria: Exposure to cloud security monitoring (AWS, Azure
Peterborough, England, United Kingdom Hybrid / WFH Options
Sanderson
proactively searching for and identifying threat actors that have evaded traditional security defences. This role requires a deep understanding of attacker tactics, techniques, and procedures (TTPs), the MITRE ATT&CK Framework and the cyber kill chain, as well as the ability to analyse large datasets to uncover hidden threats. The ideal candidate will be a creative and analytical … Splunk, QRadar), EDR (e.g., CrowdStrike, SentinelOne) and threat intelligence platforms. Strong scripting skills in at least one language (e.g., Python, PowerShell). Solid understanding of the MITRE ATT&CK framework and its application in threat hunting. Strong analytical and problem-solving skills with a keen eye for detail. Ability to think like an adversary and
London (City of London), South East England, United Kingdom
Orro Group
of security projects for internal and customer environments, including troubleshooting and client interaction. Contribute to the development and improvement of detection rules and response workflows using MITRE ATT&CK and Cyber Kill Chain models. Deliver outstanding operational support, actively driving outcomes for customers. What You'll Bring: You bring curiosity, structure, and a hunger to … security fundamentals. Familiarity with Linux/Unix-based systems and basic scripting knowledge. Exposure to vulnerability management tools like Rapid7, Tenable, or Qualys. Understanding of the MITRE ATT&CK Framework and Cyber Kill Chain. Ability to communicate technical information clearly to both technical and non-technical audiences. Awareness of cloud computing, networking, firewalls and ITSM
Hemel Hempstead, Hertfordshire, South East, United Kingdom
Sopra Steria
Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with MITRE ATT&CK and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in a Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with the MITRE ATT&CK Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP
Employment Type: Permanent
Salary: 25 days holiday, 6% contributory pension, 4 x life insurance