Welwyn Garden City Employment: Contract (3 months) Rate: 600/Day Inside THE ROLE To design, develop and maintain high-quality detection logic aligned with the MITRE ATT&CK framework. The role involves close collaboration with SOC analysts, incident responders and threat intelligence teams to develop high-impact, context-rich use cases across Windows, Linux … thinking and strong content development skills to ensure detections are both effective and operationally relevant. KEY RESPONSIBILITIES Design, develop, and maintain robust detection content aligned to MITRE ATT&CK and threat-led priorities. Build and optimise detection queries using KQL, applying efficiency and best practices in logic construction. Support the full detection engineering lifecycle, including … to optimise query performance and maintain clarity of logic. Demonstrated experience with detection-as-code practices using GitHub or similar version control platforms. Deep understanding of MITRE ATT&CK, threat actor TTPs, and translating them into detection use cases. Familiarity with enterprise logging, data onboarding, and schema normalisation. Working knowledge of Sentinel, Defender for Endpoint
Peterborough, Cambridgeshire, UK Hybrid / WFH Options
Sanderson
proactively searching for and identifying threat actors that have evaded traditional security defences. This role requires a deep understanding of attacker tactics, techniques, and procedures (TTPs), the MITRE ATT&CK framework and the cyber kill chain, as well as the ability to analyse large datasets to uncover hidden threats. The ideal candidate will be a creative and analytical … Splunk, QRadar), EDR (e.g., CrowdStrike, SentinelOne) and threat intelligence platforms. Strong scripting skills in at least one language (e.g., Python, PowerShell). Solid understanding of the MITRE ATT&CK framework and its application in threat hunting. Strong analytical and problem-solving skills with a keen eye for detail. Ability to think like an adversary and
incident response. Implement and manage identity and access management (IAM) solutions using SailPoint, Okta, and BeyondTrust. Collaborate with internal teams to ensure compliance with NIST, MITRE ATT&CK, and ISO 27001 frameworks. Provide mentoring, documentation, and knowledge transfer to junior engineers and SOC analysts. Liaise with external vendors, clients, and cross-functional teams to resolve
Proficient with Python, Git/GitHub and developing security tooling integrations and automations. Hands-on experience with Splunk Cloud, Enterprise Security, and SOAR. Deep understanding of MITRE ATT&CK and how to apply it practically. Familiarity with offensive security concepts, attacker tradecraft or incident response. Excellent technical writing and documentation skills. Comfortable presenting to technical
processes and procedures and train the SOC team on how to follow them efficiently and effectively. Design, develop and deliver Sentinel solutions to clients. Use the MITRE ATT&CK cybersecurity knowledge base to identify the steps needed to predict an adversary's behaviour and next move, and to quickly and effectively respond to an
XDR, Purview, and Entra ID. Experience with scripting languages, particularly PowerShell, for automation and management. Familiarity with common cybersecurity frameworks and attack methodologies, such as the MITRE ATT&CK framework. Microsoft Certified: Security Operations Analyst Associate (SC-200; SC-300; SC-400). Certified Information Systems Security Professional (CISSP). Desirable skills/knowledge/
emulation, bypassing modern defenses, and helping Fortune 500 clients improve their cyber resilience. What You'll Do: Plan and execute full-scope red team engagements (TIBER-style, MITRE ATT&CK-aligned). Perform focused penetration tests on web applications, mobile apps (iOS/Android), APIs, and backend services, as well as traditional network/cloud infrastructure and
CCT, or equivalent). Experience conducting security build reviews across common operating systems (e.g. Windows, Linux). Scripting or programming experience (e.g. Python, PowerShell, or Bash). Knowledge of MITRE ATT&CK, TTPs, and adversary simulation techniques. Awareness of broader threat environments and current industry trends. What You'll Get: Competitive salary (up to 60,000, depending on experience
or C). Experience with major red team frameworks (e.g., Sliver, Mythic, Cobalt Strike) and a willingness to go beyond them. Familiarity with adversary emulation frameworks and MITRE ATT&CK. Exposure to social engineering or physical red teaming is a strong bonus. A calm, pragmatic communicator who can write clearly and explain technical risk to a