20 of 20 Permanent MITRE ATT&CK Jobs in the UK excluding London

commercial platforms to enrich detections Investigate Indicators of Compromise (IOCs) and attacker behaviour Analyse adversary techniques and map activity to the MITRE ATT&CK framework Develop, tune and maintain detection rules for SIEM and EDR platforms Threat Intelligence Management Collect, validate and analyse cyber threat … Hands-on experience with Microsoft Sentinel and Defender XDR Good working knowledge of KQL (Kusto Query Language) Strong understanding of the MITRE ATT&CK framework Experience investigating IOCs and real-world security incidents Excellent written and verbal communication skills Comfortable working in a client-facing ...

designers to ensure intuitive interfaces that match SOC analyst mental models and workflow patterns Provide technical consultation on threat detection logic, MITRE ATT&CK mapping, and security operations best practices Support go-to-market activities by creating technical content, conducting product demonstrations, and engaging with … customers Mentor and educate internal teams on SOC operations, threat landscapes, and analyst workflows Ensure product features align with industry frameworks (MITRE ATT&CK, NIST, ISO 27001) and SOC maturity models Customer & Pre-Sales Enablement Act as a trusted SOC and cyber defence expert ...

reports for managed clients to both technical and non-technical audiences, Collaborate on improving detection rules and use cases aligned with Mitre Att&ck and threat-informed defense. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from … Farnborough. What you’ll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Understanding ...

network traffic, endpoint telemetry, and logs Supporting live incident response and escalation activities Enhancing detection rules, playbooks, and tooling aligned to MITRE ATT&CK Producing clear, high-quality incident reports for technical and senior stakeholders Contributing to threat intelligence and proactive defence initiatives Keeping ahead … Proven experience working in a Security Operations Centre (SOC) Hands-on SIEM experience (Microsoft Sentinel, Splunk, or similar) Strong understanding of MITRE ATT&CK and modern detection methodologies Solid analytical skills across logs, endpoints, and network traffic Knowledge of core networking protocols (TCP/ ...

develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent … management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding ...

attacker behaviour Supporting incident response efforts with deep detection insight Expanding detection coverage using threat intelligence and adversary techniques mapped to MITRE ATT&CK Creating automation and playbooks to speed up triage and response Documenting detections and sharing knowledge with SOC analysts Main Skills Needed … rules using query languages like ESQL, KQL, or Lucene Practical SOC experience covering alert triage, investigation, and analysis Deep knowledge of MITRE ATT&CK, malware behaviour, lateral movement, and persistence techniques What’s in It for You: Work on genuinely meaningful systems in high-security ...

attacker behaviour Supporting incident response efforts with deep detection insight Expanding detection coverage using threat intelligence and adversary techniques mapped to MITRE ATT&CK Creating automation and playbooks to speed up triage and response Documenting detections and sharing knowledge with SOC analysts Main Skills Needed … rules using query languages like ESQL, KQL, or Lucene Practical SOC experience covering alert triage, investigation, and analysis Deep knowledge of MITRE ATT&CK, malware behaviour, lateral movement, and persistence techniques What’s in It for You: Work on genuinely meaningful systems in high-security ...

ingestion, enrichment and schema standardisation (ECS/CIM). Develop and tune security detection rules, translating threat intel and TTPs (MITRE ATT&CK) into actionable, low-noise alerts. Manage the full content lifecycle: design test deploy monitor tune retire, with version control and rollback. Automate … data quality and large-scale ingestion architectures (ECS/CIM). Proven ability to design, test and optimise detection content, including MITRE ATT&CK-aligned rules and risk-based alerting (RBA). Advanced knowledge of SPL, KQL and EQL, focused on detection quality and noise ...

organisation’s digital environment. Communications with key business partners is key regarding risks, threats and SOC performance. Familiarity with NIST Cybersecurity, MITRE ATT&CK, Splunk, Sentinel and ISO27001 is vital What you will be doing: Lead, mentor, and develop SOC analysts and incident responders. Provide … with the ability to translate complex technical risks into clear business impacts for senior stakeholders. Familiarity with NIST Cybersecurity Framework and MITRE ATT&CK. Understanding of ISO 27001 standards and compliance best practices. Working knowledge of the CREST SOC Maturity Model. Experience applying ITIL processes across incident ...

passion for developing teams — coaching analysts and building collaborative, high-performing cultures. Strong understanding of frameworks and standards such as NIST, MITRE ATT&CK, ISO 27001, CREST, and ITIL. Excellent communication skills, with the ability to translate technical risks into clear business impacts. Desirable Vendor ...

Splunk SIEM, to enable the detection of threats across diverse platforms (e.g. cloud, endpoints, and networks) · Use frameworks like MITRE ATT&CK to map detection rules and maximise threat coverage · Use analytical platforms to query high volume datasets to identify trends and spot unusual behaviours ...

meetings What we're looking for: 2–3 years' experience in threat intelligence and/or threat hunting Strong understanding of MITRE ATT&CK, malware analysis, and adversary behaviour Hands-on experience with Microsoft Sentinel, Defender XDR, and threat intelligence platforms Proficiency in KQL, Python ...

Develop scripts, tools and methodologies to increase Offensive Security's capabilities and educate other team members around automation and AI. Use MITRE ATT&CK Framework and other structured attack analysis tools to describe and classify attacker methodology and significance. Qualifications What your core background ...

Azure Security Engineer Associate Knowledge of cloud security principles and technologies Desirable: Strong understanding of security frameworks (NIST, ISO 27001, Mitre ATT&CK) Knowledge of web security tooling such as web proxy, DNS filtering and similar (e.g. Cisco Umbrella) Previous experience as a Security Analyst ...

Sentinel playbooks Leading complex incident investigations and advanced threat response Proactive threat hunting using KQL and developing custom detections aligned to MITRE ATT&CK Producing clear incident reports, dashboards, and technical documentation Experience required: Strong hands-on experience in cybersecurity operations Deep expertise in Microsoft ...

possess: Strong experience with Microsoft-centric environments (M365, Azure, Intune, security baselines). Knowledge of compliance frameworks (NCSC guidance, Cyber Essentials), MITRE ATT&CK, encryption, IAM and secure configuration principles. The ability to manage operational workload while progressing ongoing improvement initiatives. Strong communication and stakeholder ...

background is at least in part within a health or health-related industry. 6. Knowledge of cyber security frameworks such as MITRE ATT&CK, SABSA, OWASP Skills Essential 1. Excellent people management skills and communication skills 2. Excellent communication skills - with ability to communicate complex ...

threat research, SOC, IR, or offensive security 3+ years building production-ready detections from attacker behaviour Strong knowledge of threat intelligence, MITRE ATT&CK, exploit lifecycles, and tradecraft Hands-on experience with honeypots, deception, or large-scale telemetry Skilled in Python and familiar with OpenSearch ...

Elastic Security and Splunk (Enterprise & ES) platforms Designing and managing SIEM data pipelines (ingestion, enrichment, ECS/CIM) Building and tuning MITRE ATT&CK-aligned detections with low noise Owning the SIEM content lifecycle end to end Automating SIEM workflows using CI/CD, SOAR ...

enhance detection capabilities in hybrid environments. Monitor networks and leverage threat intelligence to improve detection coverage, incorporating frameworks such as MITRE ATT&CK. Drive service improvements and efficiency through automation, tooling, and operational innovation. Engage with senior stakeholders, presenting detection effectiveness, KPIs, and continuous improvement initiatives. Ensure ...