20 of 20 Permanent MITRE ATT&CK Jobs in the UK excluding London

/XDR, cloud, identity, and network data sources. - Apply a threat-led approach, developing detections mapped to adversary tradecraft using the MITRE ATT&CK framework, the Cyber Kill Chain, and the Diamond Model. - Rapidly create new detections in response to emerging threats, Cyber Threat Intelligence … incident or hunt findings. - Contribute to the detection library, ensuring detections are version-controlled, documented, tested, and mapped to MITRE ATT&CK coverage. - Tune and optimise existing detections to reduce false positives and continuously improve fidelity. - Practise Detection-as-Code, using Git-based workflows, peer ...

within the team. Demonstrable experience leading cyber security incident response (incident command), from detection through containment and remediation. Working knowledge of MITRE ATT&CK and at least one recognised control framework (ISO 27001, CIS or NIST). Risk-based prioritisation of remediation using threat intelligence. … tooling (e.g. CrowdStrike or equivalent) in a production environment. Prioritised and managed a risk-based security backlog, applying frameworks such as MITRE ATT&CK and threat-based prioritisation. Assured the delivery of security initiatives across distributed teams or sites, tracking vulnerability remediation and patching through ...

Threat & Adversary Knowledge * Understanding of attacker Tactics, Techniques and Procedures (TTPs) and how they manifest in logs and telemetry * Familiarity with MITRE ATT&CK framework * Evidence of staying up to date with: o Emerging threats o Adversary tradecraft o Defensive techniques ________________________________________ Incident Handling & Investigation * Experience … Analyst, Cyber Security Analyst, Microsoft Sentinel, Splunk, Elastic SIEM, KQL, SPL, ES|QL, Threat Detection, Incident Response, EDR, IDS/IPS, MITRE ATT&CK, Cyber Defence ...

customer environments. Producing clear, insightful reports for both technical and non-technical audiences. Enhancing detection rules and use cases aligned to MITRE ATT&CK and threat-informed defence. What you’ll bring: Hands-on experience with Microsoft Sentinel and Splunk. Knowledge of the MITRE ATT&CK framework. Understanding of client-server and multi-tier applications, databases, firewalls, VPNs and endpoint security. Solid networking fundamentals (TCP/IP, LAN/WAN, HTTP, SMTP, FTP, LDAP, etc.). Strong analytical thinking and structured problem-solving. An entry-level cyber security certification ...

reports for managed clients to both technical and non-technical audiences, Collaborate on improving detection rules and use cases aligned with Mitre Att&ck and threat-informed defense. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from … Farnborough. What you’ll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Understanding ...

customer environments. Producing clear, insightful reports for both technical and non-technical audiences. Enhancing detection rules and use cases aligned to MITRE ATT&CK and threat-informed defence. What you'll bring: Hands-on experience with Microsoft Sentinel and Splunk. Knowledge of the MITRE ATT&CK framework. Understanding of client-server and multi-tier applications, databases, firewalls, VPNs and endpoint security. Solid networking fundamentals (TCP/IP, LAN/WAN, HTTP, SMTP, FTP, LDAP, etc.). Strong analytical thinking and structured problem-solving. An entry-level cyber security certification ...

network traffic to identify malicious activity. Contribute to the development and improvement of detection rules and use cases aligned to the MITRE ATT&CK framework. Support continuous improvement of SOC processes, tooling, and incident response playbooks. Maintain clear and accurate incident documentation, including reports … environment. It would be great if you had: Experience improving detection content or threat-informed defense use cases. Familiarity with the MITRE ATT&CK framework. Scripting or automation experience (e.g. Python, PowerShell, Bash). Exposure to malware analysis or reverse engineering (not required ...

pipelines, including log ingestion, enrichment and schema standardisation. Develop and tune security detection content, translating threat intelligence and TTPs aligned to MITRE ATT&CK into actionable, high-value alerts. Manage the full detection content lifecycle: design, test, deploy, monitor, tune and retire, using version control … Strong hands-on knowledge of SIEM engineering, including indexing, parsing, onboarding and performance tuning. Experience designing and optimising detection content, including MITRE ATT&CK-aligned use cases and alert tuning to reduce noise. Good understanding of data pipeline engineering, log enrichment, data quality and large ...

platforms Knowledge of cybersecurity frameworks such as NIST, ISO27001, CIS benchmarks and Cyber Essentials Experience with threat intelligence frameworks such as MITRE ATT&CK and Cyber Kill Chain Familiarity with Data Loss Prevention technologies and Microsoft 365 security tooling Exposure to DevSecOps practices and cloud ...

including TCP/IP, DNS, firewalls, and proxies. Experience within a SOC, NOC, or 24/7 operational environment. Familiarity with MITRE ATT&CK, CVEs, and vulnerability management. Exposure to cloud security monitoring across Azure, AWS, or Microsoft 365. Desirable Certifications Microsoft SC-200 CompTIA ...

Query Language) Microsoft Defender XDR technologies Threat Hunting experience Detection Engineering Security Automation Vulnerability Assessment platforms such as Qualys Knowledge of MITRE ATT&CK Exposure to NIST, ISO27001 or CIS Controls Experience supporting regulated environments Why Apply? This organisation is a recognised international technology ...

Query Language) Microsoft Defender XDR technologies Threat Hunting experience Detection Engineering Security Automation Vulnerability Assessment platforms such as Qualys Knowledge of MITRE ATT&CK Exposure to NIST, ISO27001 or CIS Controls Experience supporting regulated environments Why Apply? This organisation is a recognised international technology ...

experience in threat hunting at a large enterprise environment. Experience with incident response, SOC, or detection engineering. Deep understanding of the MITRE ATT&CK framework and how to practically apply it to threat hunting methodologies and detection logic. ·Proficiency in complex query writing (e.g. ...

Experience across SIEM, EDR/XDR, vulnerability scanning, and cloud security Knowledge of detection engineering, log pipelines, and threat frameworks (e.g. MITRE ATT&CK) Scripting/automation skills (PowerShell, Python, or similar) Solid understanding of networking, Azure, and security architecture Experience working in regulated environments ...

escalation point for Tier 1, owning investigations end-to-end triaging SIEM and EDR alerts, leading incident response, hunting threats using MITRE ATT&CK, and tuning detections to cut noise. Youll also mentor junior analysts and help mature playbooks and runbooks. Were looking for 3+ ...

escalation point for Tier 1, owning investigations end-to-end — triaging SIEM and EDR alerts, leading incident response, hunting threats using MITRE ATT&CK, and tuning detections to cut noise. You’ll also mentor junior analysts and help mature playbooks and runbooks. We’re looking ...

endpoint detection platforms* Knowledge of identity and access management, directory services, or privileged access solutions* Understanding of security frameworks such as MITRE ATT&CK* Experience working in secure or regulated environments* Strong problem-solving skills and ability to work at a detailed technical level* Familiarity ...

standards and processes in large corporate IT environments • Working knowledge of Cyber Security frameworks/methodologies (such as NIST, ISO 27001, MITRE ATT&CK, Lockheed Martin Kill Chain etc) Network Security Architect Due to the volume of applications received for positions, it will ...

certifications. Experience within regulated or critical service environments. Knowledge of security frameworks such as NIST CSF, ISO 27001, CIS Controls, or MITRE ATT&CK. Experience managing third-party SOC or security service providers. ...

Good understanding of SIEM lifecycle management and security telemetry. Knowledge of cloud environments and IT infrastructure. Familiarity with frameworks such as MITRE ATT&CK. Ability to analyse threats and translate them into detection capability. Nice to have: Experience with SOAR (Logic Apps/Splunk SOAR). Detection ...