1 to 25 of 55 MITRE ATT&CK Jobs in England

red team automation Detection Engineering Collaboration : Ability to translate offensive findings into detection logic and partner with SOC teams to improve alerting and response. Threat Modelling & MITRE ATT&CK : Strong understanding of attacker TTPs and ability to map findings to frameworks like MITRE ATT&CK and the Cyber Kill Chain. … red/purple teaming, adversary emulation, and vulnerability exploitation. - Proficiency with tools such as Cobalt Strike, Metasploit, Burp Suite, BloodHound, and custom scripting. - Strong understanding of MITRE ATT&CK, cyber kill chain, and threat-informed defense. - Experience integrating offensive security into CI/CD pipelines and cloud-native environments. - Relevant certifications (e.g., OSCP, OSCE, CRTO More ❯

Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP … with QRadar. Overview Position SOC Shift Lead Permanent Location Hemel Hempstead Salary - From £58K to £65K dependant on experience Keywords: SOC, Security Operations Centre, Sentinel, Splunk, Mitre Att&ck, SIEM, QRadar Only apply for this role if you currently hold the specific Government Security Clearance or are eligible for Government Security Clearance. Due to the More ❯

Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP … with QRadar. Overview Position SOC Shift Lead Permanent Location Hemel Hempstead Salary - From £58K to £65K dependant on experience Keywords: SOC, Security Operations Centre, Sentinel, Splunk, Mitre Att&ck, SIEM, QRadar Only apply for this role if you currently hold the specific Government Security Clearance or are eligible for Government Security Clearance. Due to the More ❯

Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP … with QRadar. Overview Position SOC Shift Lead Permanent Location Hemel Hempstead Salary - From £58K to £65K dependant on experience Keywords: SOC, Security Operations Centre, Sentinel, Splunk, Mitre Att&ck, SIEM, QRadar Only apply for this role if you currently hold the specific Government Security Clearance or are eligible for Government Security Clearance. Due to the More ❯

Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP … with QRadar. Overview Position – SOC Shift Lead – Permanent Location – Hemel Hempstead Salary - From £58K to £65K dependant on experience Keywords: SOC, Security Operations Centre, Sentinel, Splunk, Mitre Att&ck, SIEM, QRadar Only apply for this role if you currently hold the specific Government Security Clearance or are eligible for Government Security Clearance. Due to the More ❯

Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP … with QRadar. Overview Position – SOC Shift Lead – Permanent Location – Hemel Hempstead Salary - From £58K to £65K dependant on experience Keywords: SOC, Security Operations Centre, Sentinel, Splunk, Mitre Att&ck, SIEM, QRadar Only apply for this role if you currently hold the specific Government Security Clearance or are eligible for Government Security Clearance.Due to the nature More ❯

Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP … with QRadar. Overview Position – SOC Shift Lead – Permanent Location – Hemel Hempstead Salary - From £58K to £65K dependant on experience Keywords: SOC, Security Operations Centre, Sentinel, Splunk, Mitre Att&ck, SIEM, QRadar Only apply for this role if you currently hold the specific Government Security Clearance or are eligible for Government Security Clearance. Due to the More ❯

Line Management. Maintain, improve and develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent the SOC within Partners meetings. Ability … in Security Operations Centre. People management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding of networking principles including TCP … with QRadar. Overview Position – SOC Shift Lead – Permanent Location – Hemel Hempstead Salary - From £58K to £65K dependant on experience Keywords: SOC, Security Operations Centre, Sentinel, Splunk, Mitre Att&ck, SIEM, QRadar Only apply for this role if you currently hold the specific Government Security Clearance or are eligible for Government Security Clearance. Due to the More ❯

scripting tools in cloud environments is a plus Cloud Security skills (desired) Secure software development practices, including SecDevOps Sound knowledge of applicable frameworks & standards, including OWASP, MITRE ATT@CK & D3FEND, CIS, NIST CSF, CSA CCM & ISO 27107 Relevant industry certifications including CSCP Understanding of cyber risk frameworks or industry standards such as 800-53, ISO … among others Sound knowledge of applicable laws, compliance regulations, and industry standards as it relates to privacy, security, and compliance Sound knowledge of applicable frameworks, including MITRE ATT@CK & D3FEND, CIS, NIST CSF, CSA CCM Strong communication and presentation skills Cyber Risk Management skills (desired) Experience in threat modelling & application security risk assessments, secure software More ❯

scripting tools in cloud environments is a plus Cloud Security skills (desired) Secure software development practices, including SecDevOps Sound knowledge of applicable frameworks & standards, including OWASP, MITRE ATT@CK & D3FEND, CIS, NIST CSF, CSA CCM & ISO 27107 Relevant industry certifications including CSCP Understanding of cyber risk frameworks or industry standards such as 800-53, ISO … among others Sound knowledge of applicable laws, compliance regulations, and industry standards as it relates to privacy, security, and compliance Sound knowledge of applicable frameworks, including MITRE ATT@CK & D3FEND, CIS, NIST CSF, CSA CCM Strong communication and presentation skills Cyber Risk Management skills (desired) Experience in threat modelling & application security risk assessments, secure software More ❯

scripting tools in cloud environments is a plus Cloud Security skills (desired) Secure software development practices, including SecDevOps Sound knowledge of applicable frameworks & standards, including OWASP, MITRE ATT@CK & D3FEND, CIS, NIST CSF, CSA CCM & ISO 27107 Relevant industry certifications including CSCP Understanding of cyber risk frameworks or industry standards such as 800-53, ISO … among others Sound knowledge of applicable laws, compliance regulations, and industry standards as it relates to privacy, security, and compliance Sound knowledge of applicable frameworks, including MITRE ATT@CK & D3FEND, CIS, NIST CSF, CSA CCM Strong communication and presentation skills Cyber Risk Management skills (desired) Experience in threat modelling & application security risk assessments, secure software More ❯

Lead incident response activities and collaborate with threat intelligence teams Enrich detection logic with contextual threat data Threat Modelling & Use Case Development Conduct threat modelling using MITRE ATT&CK, STRIDE, or Kill Chain frameworks Translate models into actionable SIEM use cases and detection rules Prioritize engineering efforts based on risk and business impact Reporting & Collaboration … query languages (KQL, SPL, AQL) Scripting skills (Python, PowerShell) for automation and enrichment Deep knowledge of threat detection, incident response, and cyber kill chain Familiarity with MITRE ATT&CK, NIST, and CIS frameworks Understanding of network traffic flows and vulnerability management Exposure to ethical hacking and penetration testing Knowledge of ITIL disciplines (Incident, Problem, Change More ❯

correlation logic to reduce dwell time and improve detection accuracy. Collaborate with threat intelligence teams to ensure real-time enrichment of event data and alignment with MITRE ATT&CK adversary tactics. Program & Capability Development Build the CCM capability from the ground up, defining the operating model, reporting cadence, and engagement with SOC, risk, and compliance. … threat intelligence platforms. Expertise in metrics-driven monitoring: defining, tracking, and reporting MTTD, MTTR, false positive rates, and coverage completeness. Familiarity with frameworks like NIST CSF, MITRE ATT&CK, and ISO 27001, with experience applying these to monitoring. Experience in threat hunting, anomaly detection, and behavioral analytics. Strong leadership skills: able to recruit, mentor, and More ❯

solutions to streamline operations and reduce response times. Collaborate with cross-functional engineering teams to harden Kubernetes clusters and container technologies such as Docker. Leverage the MITRE ATT&CK framework to map, detect, and mitigate advanced threats. Qualifications & Experience: Security Monitoring & Detection (e.g., XDR tools like Carbon Black, Microsoft Defender XDR, CrowdStrike). Strong KQL … and container technologies (e.g., Docker). Threat Hunting, Detection Engineering, and Incident Response experience. Knowledge of Security Automation (SOAR) and Hyper Automation practices. Familiarity with the MITRE ATT&CK framework. Experience with SIEM platforms (Microsoft Sentinel, Splunk, Google Chronicle, etc.). Understanding of Zero Trust Network Architecture (ZTNA), IDS/IPS, vulnerability scanners, and web More ❯

solutions to streamline operations and reduce response times. Collaborate with cross-functional engineering teams to harden Kubernetes clusters and container technologies such as Docker. Leverage the MITRE ATT&CK framework to map, detect, and mitigate advanced threats. Qualifications & Experience: Security Monitoring & Detection (e.g., XDR tools like Carbon Black, Microsoft Defender XDR, CrowdStrike). Strong KQL … and container technologies (e.g., Docker). Threat Hunting, Detection Engineering, and Incident Response experience. Knowledge of Security Automation (SOAR) and Hyper Automation practices. Familiarity with the MITRE ATT&CK framework. Experience with SIEM platforms (Microsoft Sentinel, Splunk, Google Chronicle, etc.). Understanding of Zero Trust Network Architecture (ZTNA), IDS/IPS, vulnerability scanners, and web More ❯

solutions to streamline operations and reduce response times. Collaborate with cross-functional engineering teams to harden Kubernetes clusters and container technologies such as Docker. Leverage the MITRE ATT&CK framework to map, detect, and mitigate advanced threats. Qualifications & Experience: Security Monitoring & Detection (e.g., XDR tools like Carbon Black, Microsoft Defender XDR, CrowdStrike). Strong KQL … and container technologies (e.g., Docker). Threat Hunting, Detection Engineering, and Incident Response experience. Knowledge of Security Automation (SOAR) and Hyper Automation practices. Familiarity with the MITRE ATT&CK framework. Experience with SIEM platforms (Microsoft Sentinel, Splunk, Google Chronicle, etc.). Understanding of Zero Trust Network Architecture (ZTNA), IDS/IPS, vulnerability scanners, and web More ❯

solutions to streamline operations and reduce response times. Collaborate with cross-functional engineering teams to harden Kubernetes clusters and container technologies such as Docker. Leverage the MITRE ATT&CK framework to map, detect, and mitigate advanced threats. Qualifications & Experience: Security Monitoring & Detection (e.g., XDR tools like Carbon Black, Microsoft Defender XDR, CrowdStrike). Strong KQL … and container technologies (e.g., Docker). Threat Hunting, Detection Engineering, and Incident Response experience. Knowledge of Security Automation (SOAR) and Hyper Automation practices. Familiarity with the MITRE ATT&CK framework. Experience with SIEM platforms (Microsoft Sentinel, Splunk, Google Chronicle, etc.). Understanding of Zero Trust Network Architecture (ZTNA), IDS/IPS, vulnerability scanners, and web More ❯

solutions to streamline operations and reduce response times. Collaborate with cross-functional engineering teams to harden Kubernetes clusters and container technologies such as Docker. Leverage the MITRE ATT&CK framework to map, detect, and mitigate advanced threats. Qualifications & Experience: Security Monitoring & Detection (e.g., XDR tools like Carbon Black, Microsoft Defender XDR, CrowdStrike). Strong KQL … and container technologies (e.g., Docker). Threat Hunting, Detection Engineering, and Incident Response experience. Knowledge of Security Automation (SOAR) and Hyper Automation practices. Familiarity with the MITRE ATT&CK framework. Experience with SIEM platforms (Microsoft Sentinel, Splunk, Google Chronicle, etc.). Understanding of Zero Trust Network Architecture (ZTNA), IDS/IPS, vulnerability scanners, and web More ❯

and attribution. Producing clear, actionable intelligence reports for technical and non-technical audiences. Collaborating with SOC, red team, and incident response functions. Analysing adversary TTPs using MITRE ATT&CK and other frameworks. Delivering threat assessments, briefings, and dashboards to clients. ✅ What we’re looking for: Experience in CTI or cyber investigations (MSSP, SOC, or intel … like Maltego, SpiderFoot, Shodan, Recon-ng. Excellent report writing and communication skills. Knowledge of threat actor motivations, malware types, and cybercrime ecosystems. Familiarity with frameworks like MITRE ATT&CK, Diamond Model, Kill Chain. Eligible for SC Clearance and working towards (or open to) CREST CPTIA/CRTIA. 💡 Benefits: Hybrid working model. Access to professional development More ❯

and attribution. Producing clear, actionable intelligence reports for technical and non-technical audiences. Collaborating with SOC, red team, and incident response functions. Analysing adversary TTPs using MITRE ATT&CK and other frameworks. Delivering threat assessments, briefings, and dashboards to clients. ✅ What we’re looking for: Experience in CTI or cyber investigations (MSSP, SOC, or intel … like Maltego, SpiderFoot, Shodan, Recon-ng. Excellent report writing and communication skills. Knowledge of threat actor motivations, malware types, and cybercrime ecosystems. Familiarity with frameworks like MITRE ATT&CK, Diamond Model, Kill Chain. Eligible for SC Clearance and working towards (or open to) CREST CPTIA/CRTIA. 💡 Benefits: Hybrid working model. Access to professional development More ❯

risk exposure to cyber security, in support of operational and business planning activity across a range of different domains or sectors using established frameworks (e.g. NIST, MITRE ATT&CK, UK Government) Identify mitigations for cyber risk in a given business or operational scenario and threat environment Support development of cyber security risk cases in a … years of experience in security vulnerability, risk, audit & compliance Understand relevant NIST frameworks and ISO27001 standards and how to apply in practice Knowledge of MITRE ATT&CK Essential qualifications for the Cyber Security Risk Consultant: We value difference and we don't have a fixed idea when it comes to background or education, provided you More ❯

the SOC and incident response teams during active security incidents, providing real-time threat intelligence. Study threat actors tactics, techniques, and procedures (TTPs) using frameworks like MITRE ATT&CK. Evaluating the potential impact of identified threats on both internal operations and customer environments. Track and document evolving threat trends, vulnerabilities, and attack vectors that could affect our … operations. What youll bring: Solid grasp of cybersecurity frameworks (e.g., MITRE ATT&CK) and threat analysis methodologies. Excellent analytical skills and able to synthesize complex threat data. Proven experience in a Cyber Threat Intelligence role. It would be great if you had: ? Bachelors degree in Cybersecurity, Computer Science, Information Technology, or a related field. If More ❯

the SOC and incident response teams during active security incidents, providing real-time threat intelligence. Study threat actors’ tactics, techniques, and procedures (TTPs) using frameworks like MITRE ATT&CK. Evaluating the potential impact of identified threats on both internal operations and customer environments. Track and document evolving threat trends, vulnerabilities, and attack vectors that could affect our … operations. What you’ll bring: Solid grasp of cybersecurity frameworks (e.g., MITRE ATT&CK) and threat analysis methodologies. Excellent analytical skills and able to synthesize complex threat data. Proven experience in a Cyber Threat Intelligence role. It would be great if you had: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related More ❯

with SIEM, SOAR, EDR, UTM, and honeypots. Cloud Security: Understanding of cloud platform security measures (AWS, Azure, etc.) Security Frameworks: Advanced knowledge of frameworks such as MITRE ATT&CK, NIST, etc. Consulting Skills: Risk Management: Ability to assess, prioritize, and manage security risks aligned with client needs Strategic Planning: Capable of developing and executing end More ❯

tools (e.g., Logic Apps, XSOAR). Threat Detection & Response: Investigate alerts, enrich detection logic with threat intel, coordinate incident response. Threat Modelling & Use Case Development: Apply MITRE ATT&CK, STRIDE, and Kill Chain frameworks to build detection use cases. Reporting & Collaboration: Build security dashboards, produce reporting packs, and guide junior analysts and engineers. Client & Project … preferred). Strong knowledge of log parsing, SIEM query languages (KQL, SPL, AQL), and automation with Python/PowerShell. Deep understanding of incident response, threat detection, and frameworks (MITRE, NIST, CIS). Knowledge of vulnerability scanning, penetration testing, and network traffic analysis. Familiarity with ITIL processes (Incident, Problem, Change). Excellent stakeholder communication, with the ability to mentor More ❯