1 to 25 of 30 Permanent MITRE ATT&CK Jobs in the UK

commercial platforms to enrich detections Investigate Indicators of Compromise (IOCs) and attacker behaviour Analyse adversary techniques and map activity to the MITRE ATT&CK framework Develop, tune and maintain detection rules for SIEM and EDR platforms Threat Intelligence Management Collect, validate and analyse cyber threat … Hands-on experience with Microsoft Sentinel and Defender XDR Good working knowledge of KQL (Kusto Query Language) Strong understanding of the MITRE ATT&CK framework Experience investigating IOCs and real-world security incidents Excellent written and verbal communication skills Comfortable working in a client-facing ...

designers to ensure intuitive interfaces that match SOC analyst mental models and workflow patterns Provide technical consultation on threat detection logic, MITRE ATT&CK mapping, and security operations best practices Support go-to-market activities by creating technical content, conducting product demonstrations, and engaging with … customers Mentor and educate internal teams on SOC operations, threat landscapes, and analyst workflows Ensure product features align with industry frameworks (MITRE ATT&CK, NIST, ISO 27001) and SOC maturity models Customer & Pre-Sales Enablement Act as a trusted SOC and cyber defence expert ...

reports for managed clients to both technical and non-technical audiences, Collaborate on improving detection rules and use cases aligned with Mitre Att&ck and threat-informed defense. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from … Farnborough. What you’ll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Understanding ...

tune security tooling such as EDR, DLP, SIEM and SOAR to improve detection and response effectiveness. Apply frameworks such as MITRE ATT&CK and the cyber kill chain to map, detect and disrupt attacker tradecraft. Leverage offensive tooling (Kali, Cobalt Strike, Metasploit, Bloodhound, Mimikatz, etc. … others. Strong experience with security tooling: EDR, DLP, SIEM, SOAR. Solid background in threat investigation and incident response. Good understanding of MITRE ATT&CK, cyber kill chain and common attacker tradecraft. Familiarity with offensive tools such as Kali, Cobalt Strike, Metasploit, Bloodhound, Mimikatz. Strong knowledge ...

network traffic, endpoint telemetry, and logs Supporting live incident response and escalation activities Enhancing detection rules, playbooks, and tooling aligned to MITRE ATT&CK Producing clear, high-quality incident reports for technical and senior stakeholders Contributing to threat intelligence and proactive defence initiatives Keeping ahead … Proven experience working in a Security Operations Centre (SOC) Hands-on SIEM experience (Microsoft Sentinel, Splunk, or similar) Strong understanding of MITRE ATT&CK and modern detection methodologies Solid analytical skills across logs, endpoints, and network traffic Knowledge of core networking protocols (TCP/ ...

develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent … management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding ...

attacker behaviour Supporting incident response efforts with deep detection insight Expanding detection coverage using threat intelligence and adversary techniques mapped to MITRE ATT&CK Creating automation and playbooks to speed up triage and response Documenting detections and sharing knowledge with SOC analysts Main Skills Needed … rules using query languages like ESQL, KQL, or Lucene Practical SOC experience covering alert triage, investigation, and analysis Deep knowledge of MITRE ATT&CK, malware behaviour, lateral movement, and persistence techniques What’s in It for You: Work on genuinely meaningful systems in high-security ...

attacker behaviour Supporting incident response efforts with deep detection insight Expanding detection coverage using threat intelligence and adversary techniques mapped to MITRE ATT&CK Creating automation and playbooks to speed up triage and response Documenting detections and sharing knowledge with SOC analysts Main Skills Needed … rules using query languages like ESQL, KQL, or Lucene Practical SOC experience covering alert triage, investigation, and analysis Deep knowledge of MITRE ATT&CK, malware behaviour, lateral movement, and persistence techniques What’s in It for You: Work on genuinely meaningful systems in high-security ...

ingestion, enrichment and schema standardisation (ECS/CIM). Develop and tune security detection rules, translating threat intel and TTPs (MITRE ATT&CK) into actionable, low-noise alerts. Manage the full content lifecycle: design test deploy monitor tune retire, with version control and rollback. Automate … data quality and large-scale ingestion architectures (ECS/CIM). Proven ability to design, test and optimise detection content, including MITRE ATT&CK-aligned rules and risk-based alerting (RBA). Advanced knowledge of SPL, KQL and EQL, focused on detection quality and noise ...

organisation’s digital environment. Communications with key business partners is key regarding risks, threats and SOC performance. Familiarity with NIST Cybersecurity, MITRE ATT&CK, Splunk, Sentinel and ISO27001 is vital What you will be doing: Lead, mentor, and develop SOC analysts and incident responders. Provide … with the ability to translate complex technical risks into clear business impacts for senior stakeholders. Familiarity with NIST Cybersecurity Framework and MITRE ATT&CK. Understanding of ISO 27001 standards and compliance best practices. Working knowledge of the CREST SOC Maturity Model. Experience applying ITIL processes across incident ...

Score remediation Vulnerability Management Tools such as Tenable , Pentera , Varonis , Secure Score Experience coordinating remediation with technical teams Frameworks & Security Models MITRE ATT&CK, OWASP Top 10 Exposure to zero-trust principles Understanding of encryption, certificate management, secrets management Scripting & Automation PowerShell (essential) Python ...

passion for developing teams — coaching analysts and building collaborative, high-performing cultures. Strong understanding of frameworks and standards such as NIST, MITRE ATT&CK, ISO 27001, CREST, and ITIL. Excellent communication skills, with the ability to translate technical risks into clear business impacts. Desirable Vendor ...

strong understanding of IAM including RBAC, ABAC, PAM, provisioning, compliance and SSO. Apply threat-modelling approaches including OWASP, PASTA, STRIDE, MITRE ATT&CK, threat intelligence and threat hunting. Desirable Experience Design and assure secure network architectures and enterprise security solutions. Designing or assuring SOC operations ...

identity tools. Knowledge of DNS, DMARC/DKIM/SPF, networking fundamentals and TCP/IP. Familiarity with frameworks such as MITRE ATT&CK, ISO27001, CIS benchmarks, NIST, Cyber Essentials. Ability to explain technical concepts to non-technical audiences. Strong documentation, analysis and problem-solving ...

network fundamentals ✔️ Familiarity with Windows, Linux & macOS ✔️ Curious, analytical mindset with a genuine interest in cyber defence (Sentinel/CrowdStrike/MITRE ATT&CK/KQL experience is a bonus, not essential) Shift pattern 12-hour shifts : 2 days/2 nights/ ...

Splunk SIEM, to enable the detection of threats across diverse platforms (e.g. cloud, endpoints, and networks) · Use frameworks like MITRE ATT&CK to map detection rules and maximise threat coverage · Use analytical platforms to query high volume datasets to identify trends and spot unusual behaviours ...

meetings What we're looking for: 2–3 years' experience in threat intelligence and/or threat hunting Strong understanding of MITRE ATT&CK, malware analysis, and adversary behaviour Hands-on experience with Microsoft Sentinel, Defender XDR, and threat intelligence platforms Proficiency in KQL, Python ...

Linux, and associated frameworks. Knowledge of web technologies (HTTP, REST, authentication flows, common web vulnerabilities). Familiarity with OWASP Top 10, MITRE ATT&CK, and secure coding concepts. Ability to analyse and break down complex technical systems. Strong written communication skills, particularly in producing structured ...

Develop scripts, tools and methodologies to increase Offensive Security's capabilities and educate other team members around automation and AI. Use MITRE ATT&CK Framework and other structured attack analysis tools to describe and classify attacker methodology and significance. Qualifications What your core background ...

Azure Security Engineer Associate Knowledge of cloud security principles and technologies Desirable: Strong understanding of security frameworks (NIST, ISO 27001, Mitre ATT&CK) Knowledge of web security tooling such as web proxy, DNS filtering and similar (e.g. Cisco Umbrella) Previous experience as a Security Analyst ...

Sentinel playbooks Leading complex incident investigations and advanced threat response Proactive threat hunting using KQL and developing custom detections aligned to MITRE ATT&CK Producing clear incident reports, dashboards, and technical documentation Experience required: Strong hands-on experience in cybersecurity operations Deep expertise in Microsoft ...

possess: Strong experience with Microsoft-centric environments (M365, Azure, Intune, security baselines). Knowledge of compliance frameworks (NCSC guidance, Cyber Essentials), MITRE ATT&CK, encryption, IAM and secure configuration principles. The ability to manage operational workload while progressing ongoing improvement initiatives. Strong communication and stakeholder ...

background is at least in part within a health or health-related industry. 6. Knowledge of cyber security frameworks such as MITRE ATT&CK, SABSA, OWASP Skills Essential 1. Excellent people management skills and communication skills 2. Excellent communication skills - with ability to communicate complex ...

Master's as alternative) 3-5 years commercial penetration testing experience Strong understanding of offensive security techniques, OWASP Top 10, MITRE ATT&CK Deep knowledge of operating systems, networking protocols, and system architecture Experience with penetration testing tools (Burp Suite, Metasploit, custom scripts) Excellent communication ...

threat research, SOC, IR, or offensive security 3+ years building production-ready detections from attacker behaviour Strong knowledge of threat intelligence, MITRE ATT&CK, exploit lifecycles, and tradecraft Hands-on experience with honeypots, deception, or large-scale telemetry Skilled in Python and familiar with OpenSearch ...