18 of 18 Permanent MITRE ATT&CK Jobs in the UK excluding London

reactive alert handling. You will actively hunt for malicious activity using telemetry, SIEM data, and threat intelligence, develop hypotheses based on MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), and support incident management and response activities when threats are identified. We are open to experienced … experience using SIEM platforms, including: Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security/Kibana (KQL, ESQL) Practical and operational understanding of MITRE ATT&CK, attacker techniques, and adversary tradecraft Experience working with Indicators of Compromise (IOCs) and threat intelligence feeds Solid experience across the security ...

Splunk Enterprise Security platforms Designing and maintaining log ingestion pipelines and data enrichment processes Developing and tuning detection rules aligned to MITRE ATT&CK techniques Managing the full lifecycle of detection content from design through to optimisation Automating security workflows using scripting, CI/… detection engineering Experience with automation, scripting or Infrastructure as Code in SIEM environments Understanding of MITRE ATT&CK and threat detection techniques Experience with high availability, disaster recovery and SIEM performance optimisation TO BE CONSIDERED Please either apply through this advert or email me directly ...

customer environments. Producing clear, insightful reports for both technical and non-technical audiences. Enhancing detection rules and use cases aligned to MITRE ATT&CK and threat-informed defence. What you’ll bring: Hands-on experience with Microsoft Sentinel and Splunk. Knowledge of the MITRE ATT&CK framework. Understanding of client-server and multi-tier applications, databases, firewalls, VPNs and endpoint security. Solid networking fundamentals (TCP/IP, LAN/WAN, HTTP, SMTP, FTP, LDAP, etc.). Strong analytical thinking and structured problem-solving. An entry-level cyber security certification ...

reports for managed clients to both technical and non-technical audiences, Collaborate on improving detection rules and use cases aligned with Mitre Att&ck and threat-informed defense. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from … Farnborough. What you’ll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Understanding ...

continuously refine advanced SIEM detection logic, including rules, correlations and analytics. Research emerging threats, vulnerabilities and adversary TTPs, mapping them to MITRE ATT&CK to close detection and visibility gaps. Tune and validate detections to minimise false positives and deliver high-fidelity alerts … detection patterns. Confidence to own technical delivery end-to-end, driving work through to completion with minimal escalation. Expert knowledge of MITRE ATT&CK, with real-world application in detection engineering. A BSc in Computer Science, IT, or a related discipline. Solid scripting skills ...

continuously refine advanced SIEM detection logic, including rules, correlations and analytics. Research emerging threats, vulnerabilities and adversary TTPs, mapping them to MITRE ATT&CK to close detection and visibility gaps. Tune and validate detections to minimise false positives and deliver high-fidelity alerts … detection patterns. Confidence to own technical delivery end-to-end, driving work through to completion with minimal escalation. Expert knowledge of MITRE ATT&CK, with real-world application in detection engineering. A BSc in Computer Science, IT, or a related discipline. Solid scripting skills ...

essential skills Experience working in a Security Operations Centre environment Hands-on experience with Microsoft Sentinel or Splunk Knowledge of the MITRE ATT&CK framework Understanding of networks and systems, including TCP/IP, firewalls, VPNs and endpoint security Strong analytical and problem-solving skills … client in conjunction with this vacancy only. KEY SKILLS: SOC Analyst, Security Operations Centre, Microsoft Sentinel, Splunk, SIEM, Incident Response, MITRE ATT and CK, Networking, SC Clearance ...

pipelines, including log ingestion, enrichment and schema standardisation. Develop and tune security detection content, translating threat intelligence and TTPs aligned to MITRE ATT&CK into actionable, high-value alerts. Manage the full detection content lifecycle: design, test, deploy, monitor, tune and retire, using version control … Strong hands-on knowledge of SIEM engineering, including indexing, parsing, onboarding and performance tuning. Experience designing and optimising detection content, including MITRE ATT&CK-aligned use cases and alert tuning to reduce noise. Good understanding of data pipeline engineering, log enrichment, data quality and large ...

Required Experience & Skills 2–4 years’ experience in a SOC, CSIRT, or cyber defence environment Strong understanding of attack frameworks (e.g. MITRE ATT&CK, Cyber Kill Chain) Hands-on experience with SIEM and EDR tools (e.g. Microsoft Sentinel, Splunk, CrowdStrike, Defender) Experience in incident triage ...

certifications such as Security+, SC-200, CySA+, CISSP, or similar Experience with cloud security technologies (Azure, AWS, Microsoft 365) Knowledge of MITRE ATT&CK framework and threat hunting methodologies Scripting or automation experience (PowerShell, Python, etc.) What’s on Offer Hybrid working model ...

SIEM, SOAR, EDR, IDS/IPS, firewalls, and cloud-native security tooling. Knowledge of cyber security frameworks such as NIST CSF, MITRE ATT&CK, ISO 27001, or CIS Controls. Demonstrated expertise in incident response and threat management. Experience working in hybrid cloud environments (Azure ...

Sentinel Familiarity with Microsoft Defender tools (Endpoint & O365) Exposure to Azure cloud logging and Kubernetes environments Knowledge of attacker TTPs and MITRE ATT&CK frameworks Proactive, collaborative, and innovative mindset Desirable/Nice-to-Have: Experience with Python , Terraform , or CI/CD pipelines Familiarity ...

effective security controls aligned with business requirements using a risk-based approach. Familiarity with application attack tactics and techniques, including the MITRE ATT&CK framework, and security maturity models such as OpenSAMM and C2M2. Strong working knowledge of recognised security frameworks and standards, including NIST ...

Familiarity with SIEM platforms and security telemetry analysis Understanding of cloud security concepts (Azure, AWS, or GCP) Desirable Skills Knowledge of MITRE ATT&CK or Cyber Kill Chain frameworks Exposure to SaaS and cloud-native security tooling Experience with scripting or query languages (e.g. ...

intelligence disciplines such as OSINT, SIGINT, HUMINT, and their application Knowledge of structured analytical techniques and intelligence best practice Experience applying MITRE ATT&CK/D3FEND/ENGAGE frameworks in an operational context Clearance: BPSS + SC + UK EYES If you would like ...

standards and processes in large corporate IT environments Working knowledge of Cyber Security frameworks/methodologies (such as NIST, ISO 27001, MITRE ATT&CK, Lockheed Martin Kill Chain etc) Network Security Architect Due to the volume of applications received for positions, it will ...

cloud, and red/purple team engagements • Strong knowledge of penetration testing tools, techniques, and methodologies • In-depth understanding of MITRE ATT&CK framework and adversarial TTPs • Proven ability to identify, validate, and clearly articulate vulnerabilities and risk • Experience producing high-quality reports with clear ...

eg. RESTful APIs and containerised microservices. Up-to date on emerging threats and experienced with threat modelling frameworks eg. STRIDE/MITRE ATT&CK. Significant knowledge of cyber security domains and how they apply to Enterprise business environments eg. endpoint, network, cryptography and IAM. The nice ...