1 to 25 of 39 Permanent MITRE ATT&CK Jobs in the UK excluding London

red team automation Detection Engineering Collaboration : Ability to translate offensive findings into detection logic and partner with SOC teams to improve alerting and response. Threat Modelling & MITRE ATT&CK : Strong understanding of attacker TTPs and ability to map findings to frameworks like MITRE ATT&CK and the Cyber Kill Chain. … red/purple teaming, adversary emulation, and vulnerability exploitation. - Proficiency with tools such as Cobalt Strike, Metasploit, Burp Suite, BloodHound, and custom scripting. - Strong understanding of MITRE ATT&CK, cyber kill chain, and threat-informed defense. - Experience integrating offensive security into CI/CD pipelines and cloud-native environments. - Relevant certifications (e.g., OSCP, OSCE, CRTO More ❯

Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP … with QRadar. Overview Position SOC Shift Lead Permanent Location Hemel Hempstead Salary - From £58K to £65K dependant on experience Keywords: SOC, Security Operations Centre, Sentinel, Splunk, Mitre Att&ck, SIEM, QRadar Only apply for this role if you currently hold the specific Government Security Clearance or are eligible for Government Security Clearance. Due to the More ❯

Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP … with QRadar. Overview Position SOC Shift Lead Permanent Location Hemel Hempstead Salary - From £58K to £65K dependant on experience Keywords: SOC, Security Operations Centre, Sentinel, Splunk, Mitre Att&ck, SIEM, QRadar Only apply for this role if you currently hold the specific Government Security Clearance or are eligible for Government Security Clearance. Due to the More ❯

Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP … with QRadar. Overview Position SOC Shift Lead Permanent Location Hemel Hempstead Salary - From £58K to £65K dependant on experience Keywords: SOC, Security Operations Centre, Sentinel, Splunk, Mitre Att&ck, SIEM, QRadar Only apply for this role if you currently hold the specific Government Security Clearance or are eligible for Government Security Clearance. Due to the More ❯

Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP … with QRadar. Overview Position – SOC Shift Lead – Permanent Location – Hemel Hempstead Salary - From £58K to £65K dependant on experience Keywords: SOC, Security Operations Centre, Sentinel, Splunk, Mitre Att&ck, SIEM, QRadar Only apply for this role if you currently hold the specific Government Security Clearance or are eligible for Government Security Clearance. Due to the More ❯

Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP … with QRadar. Overview Position – SOC Shift Lead – Permanent Location – Hemel Hempstead Salary - From £58K to £65K dependant on experience Keywords: SOC, Security Operations Centre, Sentinel, Splunk, Mitre Att&ck, SIEM, QRadar Only apply for this role if you currently hold the specific Government Security Clearance or are eligible for Government Security Clearance.Due to the nature More ❯

Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP … with QRadar. Overview Position – SOC Shift Lead – Permanent Location – Hemel Hempstead Salary - From £58K to £65K dependant on experience Keywords: SOC, Security Operations Centre, Sentinel, Splunk, Mitre Att&ck, SIEM, QRadar Only apply for this role if you currently hold the specific Government Security Clearance or are eligible for Government Security Clearance. Due to the More ❯

Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP … with QRadar. Overview Position – SOC Shift Lead – Permanent Location – Hemel Hempstead Salary - From £58K to £65K dependant on experience Keywords: SOC, Security Operations Centre, Sentinel, Splunk, Mitre Att&ck, SIEM, QRadar Only apply for this role if you currently hold the specific Government Security Clearance or are eligible for Government Security Clearance. Due to the More ❯

threat detection and behavioural analysis. Design and implement incident response playbooks and integrate them with SOAR platforms to automate triage and response. Conduct threat modelling exercises (MITRE ATT&CK, STRIDE, Cyber Kill Chain) and translate them into actionable use cases. Perform in-depth investigations, coordinate incident response, and collaborate with threat intelligence teams. Produce dashboards … SPL/AQL, and scripting (Python, PowerShell). Solid understanding of threat detection, incident response, vulnerability management, and penetration testing . Familiarity with frameworks such as MITRE ATT&CK, NIST, and CIS . Strong communication and presentation skills, with the ability to work across technical and business teams. Relevant certifications (e.g., CISSP, GIAC, SC More ❯

coordinate incident response activities. Collaborate with threat intelligence teams to enhance detection logic. Threat Modelling & Use Case Development Lead threat modelling exercises using frameworks such as MITRE ATT&CK, STRIDE, and Cyber Kill Chain. Translate threat models into actionable detection use cases and SIEM rules. Prioritise detection engineering based on business risk and impact. Reporting … SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of threat detection, incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident More ❯

Lead incident response activities and collaborate with threat intelligence teams Enrich detection logic with contextual threat data Threat Modelling & Use Case Development Conduct threat modelling using MITRE ATT&CK, STRIDE, or Kill Chain frameworks Translate models into actionable SIEM use cases and detection rules Prioritize engineering efforts based on risk and business impact Reporting & Collaboration … query languages (KQL, SPL, AQL) Scripting skills (Python, PowerShell) for automation and enrichment Deep knowledge of threat detection, incident response, and cyber kill chain Familiarity with MITRE ATT&CK, NIST, and CIS frameworks Understanding of network traffic flows and vulnerability management Exposure to ethical hacking and penetration testing Knowledge of ITIL disciplines (Incident, Problem, Change More ❯

Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP More ❯

Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP More ❯

risk exposure to cyber security, in support of operational and business planning activity across a range of different domains or sectors using established frameworks (e.g. NIST, MITRE ATT&CK, UK Government) Identify mitigations for cyber risk in a given business or operational scenario and threat environment Support development of cyber security risk cases in a … years of experience in security vulnerability, risk, audit & compliance Understand relevant NIST frameworks and ISO27001 standards and how to apply in practice Knowledge of MITRE ATT&CK Essential qualifications for the Cyber Security Risk Consultant: We value difference and we don't have a fixed idea when it comes to background or education, provided you More ❯

secure client environments Investigating threats using logs, network traffic, and endpoint telemetry Supporting response efforts during live security incidents Improving detection rules, playbooks, and tooling with MITRE ATT&CK-driven enhancements Producing clear incident reports for both technical and non-technical audiences Contributing to threat intelligence initiatives Staying ahead of the curve on emerging threats … To secure this SOC role: Proven experience in a Security Operations Centre (SOC) environment Hands-on knowledge of SIEM tools (Microsoft Sentinel, Splunk, etc.) Familiarity with MITRE ATT&CK and threat detection methodologies Strong analytical mindset with log, endpoint, and network analysis skills Understanding of network protocols (TCP/IP, DNS, HTTP, SMTP) Awareness of More ❯

the SOC and incident response teams during active security incidents, providing real-time threat intelligence. Study threat actors tactics, techniques, and procedures (TTPs) using frameworks like MITRE ATT&CK. Evaluating the potential impact of identified threats on both internal operations and customer environments. Track and document evolving threat trends, vulnerabilities, and attack vectors that could affect our … operations. What youll bring: Solid grasp of cybersecurity frameworks (e.g., MITRE ATT&CK) and threat analysis methodologies. Excellent analytical skills and able to synthesize complex threat data. Proven experience in a Cyber Threat Intelligence role. It would be great if you had: ? Bachelors degree in Cybersecurity, Computer Science, Information Technology, or a related field. If More ❯

the SOC and incident response teams during active security incidents, providing real-time threat intelligence. Study threat actors’ tactics, techniques, and procedures (TTPs) using frameworks like MITRE ATT&CK. Evaluating the potential impact of identified threats on both internal operations and customer environments. Track and document evolving threat trends, vulnerabilities, and attack vectors that could affect our … operations. What you’ll bring: Solid grasp of cybersecurity frameworks (e.g., MITRE ATT&CK) and threat analysis methodologies. Excellent analytical skills and able to synthesize complex threat data. Proven experience in a Cyber Threat Intelligence role. It would be great if you had: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related More ❯

Incident Response. Experience in performing analysis with SIEM technologies such as Splunk and/or Google Chronicle. Experience in performing proactive and reactive threat hunting using MITRE ATT&CK or similar frameworks. In-depth understanding and working knowledge of security appliances/tools such as host-based and network-based IDS/IPS, WAF, EDR More ❯

Incident Response. Experience in performing analysis with SIEM technologies such as Splunk and/or Google Chronicle. Experience in performing proactive and reactive threat hunting using MITRE ATT&CK or similar frameworks. In-depth understanding and working knowledge of security appliances/tools such as host-based and network-based IDS/IPS, WAF, EDR More ❯

Incident Response. Experience in performing analysis with SIEM technologies such as Splunk and/or Google Chronicle. Experience in performing proactive and reactive threat hunting using MITRE ATT&CK or similar frameworks. In-depth understanding and working knowledge of security appliances/tools such as host-based and network-based IDS/IPS, WAF, EDR More ❯

work independently and collaboratively to achieve objectives. Previous experience within a Security Operations role. In-depth understanding of the cyber threat landscape, adversary tactics, and the MITRE ATT&CK framework. Knowledge of cloud environments and SaaS applications such as AWS, Azure, Office 365, and Defender. Ability to work under pressure and make informed judgment calls. More ❯

SOC, and the subsequent implementation of an agreed standard to improve this maturity where appropriate. Familiar with the following tools: Microsoft Sentinel Qualys VMDR Tenable VM MITRE ATT&CK Framework Desirable Certifications, Qualifications Experience: Computer Security Security Blue Team 1 or higher CompTIA Cyber Security Analyst SC-200 Microsoft Security Operations Analyst One of: CREST More ❯

recognized certifications such as CISSP, GIAC, CEH, or CompTIA CASP+. - Deep knowledge of security technologies (SIEM, SOAR, EDR, IDS/IPS, DLP, etc.), adversarial tactics (e.g., MITRE ATT&CK), and experience with incident response and security architecture. - Hands-on experience with security tools, including FortiSIEM, McAfee, Darktrace, Microsoft Sentinel, and more. - Understanding of compliance frameworks More ❯

recognized certifications such as CISSP, GIAC, CEH, or CompTIA CASP+. - Deep knowledge of security technologies (SIEM, SOAR, EDR, IDS/IPS, DLP, etc.), adversarial tactics (e.g., MITRE ATT&CK), and experience with incident response and security architecture. - Hands-on experience with security tools, including FortiSIEM, McAfee, Darktrace, Microsoft Sentinel, and more. - Understanding of compliance frameworks More ❯

email filtering, webapp firewalls and DDoS protections, proxies, host-based protections and malware analysis engines Good understanding of Cyber Detection and Response Concepts such as the MITRE ATT&CK framework for mapping adversary behaviours and improving detection coverageWe are proud to be a Disability Confident Committed employer. If you have a disability and would like More ❯