Gosport, Hampshire, South East, United Kingdom Hybrid/Remote Options
Sopra Steria
operations and triage. Prepare reports for managed clients to both technical and non-technical audiences. Analyse and improve detection rules and use cases in line with MITRE ATT&CK and threat-informed defence. Represent the SOC within Stakeholders meetings. Ability to work in a hybrid approach from home and our Gosport office location. What you'll … Experience in Security Operations Centre. People management experience to help develop Analysts and lead careers. Experience of using Microsoft Sentinel and Splunk. Knowledge and experience with MITRE ATT&CK Framework. Solid ability to lead teams while staying hands-on with security operations. Strong influencing skills and ability to persuade others, with a broad understanding of
Gosport, Hampshire, England, United Kingdom Hybrid/Remote Options
Sopra Steria
operations and triage. Prepare reports for managed clients to both technical and non-technical audiences. Analyse and improve detection rules and use cases in line with MITRE ATT&CK and threat-informed defence. Represent the SOC within Stakeholders meetings. Ability to work in a hybrid approach from home and our Gosport office location. What you … Experience in Security Operations Centre. People management experience to help develop Analysts and lead careers. Experience of using Microsoft Sentinel and Splunk. Knowledge and experience with MITRE ATT&CK Framework. Solid ability to lead teams while staying hands-on with security operations. Strong influencing skills and ability to persuade others, with a broad understanding of
City of London, London, United Kingdom Hybrid/Remote Options
Vanquish Technologies Limited
data enrichment tools. Experience using Breach and Attack Simulation (BAS) platforms to build and validate threat scenarios. Strong understanding of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and threat modeling. Hands-on experience with penetration testing tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera. Experience producing threat reports and … activities by providing contextual intelligence and working alongside hunt team members. Conduct threat modeling of threat actors, including their capabilities, motivations, and potential impact. Leverage the MITRE ATT&CK framework to map threat actor behaviors and support detection engineering. Develop and maintain threat profiles, attack surface assessments, and adversary emulation plans. Collaborate with global stakeholders
North London, London, United Kingdom Hybrid/Remote Options
Secure Recruitment Ltd
of Threat Intelligence Practices & Ability to Translate Complex Data Strong Background in Threat & Vulnerability Intelligence, including familiarity with Threat Actor Tracking, Vulnerability Databases & Frameworks such as MITRE ATT&CK Hands-On Experience with Honeypot Data & Log Analysis, ideally within ELK Stack Proficiency in Python Programming with Ability to Automate Workflows, Parse Data & Build Customised Tooling … Both Internal Stakeholders & External Searches: Threat Analyst/Threat Intelligence Analyst/Senior Threat Intelligence Analyst/Senior Vulnerability Analyst/Threat Hunting/Adversarial/MITRE ATT&CK/APT Analyst/Cyber Threat Analyst At SECURE, We Value Attitude & Aptitude Over Certifications. If you possess the drive and relevant experience to deliver tangible
Wiltshire, England, United Kingdom Hybrid/Remote Options
Focus on SAP
architecture for service mesh deployments across Kubernetes and containerised platforms. Conduct risk assessments and develop mitigation strategies for identified vulnerabilities. Create detailed threat models aligned to MITRE ATT&CK and STRIDE frameworks. Design and review secure API gateway patterns using IBM DataPower. Lead implementation of Zero-Trust, mTLS, RBAC and policy enforcement within service mesh … designing secure architectures for hybrid/multi-cloud environments. Strong background in Zero-Trust, microservices security, and containerised platforms. Experienced in building bespoke threat models using MITRE ATT&CK & STRIDE. Ability to assess security elements of solution designs, constructively challenge, and drive secure outcomes. If you are interested or would like to know more
context and collaborating with hunt teams to refine hypotheses. Conduct threat actor modelling, focusing on motivations, capabilities, and potential business impact. Map threat behaviours using the MITRE ATT&CK framework to support detection engineering. Develop and maintain threat profiles, adversary emulation plans, and attack surface insights. Deliver high quality briefings, reports, and threat assessments to … or penetration testing. Proven ability to collaborate with Red Teams, Blue Teams, and SOC functions. Strong understanding of adversary TTPs, threat modelling, and frameworks such as MITRE ATT&CK. Experience with threat intelligence platforms, SIEM systems, and enrichment tools. Familiarity with Breach and Attack Simulation platforms. Hands on experience with penetration testing tools such as Metasploit, Burp
City of London, London, United Kingdom Hybrid/Remote Options
Futureheads Recruitment | B Corp™
context and collaborating with hunt teams to refine hypotheses. Conduct threat actor modelling, focusing on motivations, capabilities, and potential business impact. Map threat behaviours using the MITRE ATT&CK framework to support detection engineering. Develop and maintain threat profiles, adversary emulation plans, and attack surface insights. Deliver high quality briefings, reports, and threat assessments to … or penetration testing. Proven ability to collaborate with Red Teams, Blue Teams, and SOC functions. Strong understanding of adversary TTPs, threat modelling, and frameworks such as MITRE ATT&CK. Experience with threat intelligence platforms, SIEM systems, and enrichment tools. Familiarity with Breach and Attack Simulation platforms. Hands on experience with penetration testing tools such as Metasploit, Burp
Nottingham, Nottinghamshire, East Midlands, United Kingdom Hybrid/Remote Options
Experian Ltd
Digital Forensics, Incident Response, or Ethical Hacking (e.g., GCIH, CEH, GCFE, GCFA, and CFCE). Knowledge of main concepts related to the Incident Response Life Cycle, MITRE ATT&CK Framework, Cyber Kill Chain, and other cybersecurity frameworks. High-level understanding of common intrusion methods and cyber-attack tactics, techniques, and procedures (TTPs), and common industry
Portsmouth, England, United Kingdom Hybrid/Remote Options
Cloud People
and passion for problem solving and continuous improvement Desirable Experience • Experience with SOAR platforms such as Microsoft Sentinel Automation, Cortex XSOAR or Splunk SOAR • Knowledge of MITRE ATT&CK mapping and detection engineering frameworks • Experience using Infrastructure as Code such as Terraform, Bicep or ARM templates • Integration experience with ServiceNow or ITSM tools • Exposure to
Crawley, England, United Kingdom Hybrid/Remote Options
InfoSec People Ltd
for Endpoint, Identity, Cloud Apps, and Office 365 Microsoft Entra ID (Azure AD) Microsoft Purview (compliance and data protection) Strong knowledge of attacker tactics and techniques (MITRE ATT&CK). Experience in digital forensics and malware analysis. Understanding of CNI or energy/utility environments. Proficiency in scripting/automation (KQL, PowerShell, Python). Excellent
Portsmouth, England, United Kingdom Hybrid/Remote Options
Cloud People
sharing What You’ll Bring 2 to 4 years of experience in a SOC, CSIRT or cyber defence environment Strong understanding of attack methodologies such as MITRE ATT&CK and the Cyber Kill Chain Hands on experience with SIEM and EDR tools including Microsoft Sentinel, Defender, Splunk or CrowdStrike Experience with triage, containment and incident
City, London, United Kingdom Hybrid/Remote Options
The Bridge IT Recruitment
Science, or equivalent experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise in Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture.
London, Fleet Street, United Kingdom Hybrid/Remote Options
The Bridge IT Recruitment
Science, or equivalent experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise in Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture.
Portsmouth, England, United Kingdom Hybrid/Remote Options
Computappoint
or similar role (preferably in MSP/MSSP). Hands-on experience with SIEM, EDR, IDS/IPS, firewalls, and incident response. Familiarity with frameworks like MITRE ATT&CK, NIST, CIS, or ISO 27001. Degree in IT security, or relevant professional Certifications or practical experience. Basic scripting skills (Python, PowerShell, or Bash) are a plus.
Crawley, West Sussex, South East, United Kingdom Hybrid/Remote Options
Morson Edge
CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS/IPS, NAC, DLP, and related security technologies. Familiarity with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO/IEC 27001/27002. Hands-on experience with tools such as FortiSIEM, Q-Radar, Microsoft Defender, Darktrace, Microsoft Sentinel, or similar
Bristol, Avon, South West, United Kingdom Hybrid/Remote Options
ITS Recruitment
critical assets remain secure Manage supplier relationships, report on control effectiveness, and support compliance with ISO 27001, GDPR, and Cyber Essentials Plus Technology NIST, CIS, NCSC, MITRE ATT&CK, Security Scorecard, M365/Azure Security Center Azure Security Center, SIEM, Defender ATP, M365 Security, Data Compliance and Governance, PIM & PAM Zscaler (ZTNA), Darktrace, Firewalls, NAC
Write and fine-tune Kusto Query Language (KQL) queries to analyse and visualise raw security data. Integrate third-party tools (firewalls, IAM, telemetry) into Sentinel. Use MITRE ATT&CK to anticipate and counter adversarial activity. Apply cost-optimisation principles (data tiering, filtering). Collaborate with security architects to improve internal policies and ISO 27001 alignment.
London, South East, England, United Kingdom Hybrid/Remote Options
Constant Recruitment Ltd
Write and fine-tune Kusto Query Language (KQL) queries to analyse and visualise raw security data. Integrate third-party tools (firewalls, IAM, telemetry) into Sentinel. Use MITRE ATT&CK to anticipate and counter adversarial activity. Apply cost-optimisation principles (data tiering, filtering). Collaborate with security architects to improve internal policies and ISO 27001 alignment.
Banbury, Oxfordshire, United Kingdom Hybrid/Remote Options
Chiltern Railways
vulnerability scanning. Understanding of IT and cyber security frameworks, standards, and regulations (examples: ISO27001, NIS2, GDPR, and CAF). Understanding of the Cyber Kill Chain and MITRE ATT&CK frameworks. Ability to collaborate effectively with various internal and external stakeholders. Relevant certifications such as Microsoft Security Operations Analyst (SC-200) or Azure Security Engineer (AZ
Hook Norton, Oxfordshire, United Kingdom Hybrid/Remote Options
Chiltern Railways
vulnerability scanning. Understanding of IT and cyber security frameworks, standards, and regulations (examples: ISO27001, NIS2, GDPR, and CAF). Understanding of the Cyber Kill Chain and MITRE ATT&CK frameworks. Ability to collaborate effectively with various internal and external stakeholders. Relevant certifications such as Microsoft Security Operations Analyst (SC-200) or Azure Security Engineer (AZ
Portsmouth, Hampshire, England, United Kingdom Hybrid/Remote Options
Franklin Fitch
etc.). Understanding of Azure/AWS cloud and network fundamentals. Desirable: Experience with SOAR tools or Infrastructure-as-Code (Terraform, Bicep, ARM). Knowledge of MITRE ATT&CK mapping or threat detection frameworks. What’s in it for you: Flexible hybrid working, paid certifications, great progression into consultancy or leadership, and a genuinely collaborative
City of London, London, United Kingdom Hybrid/Remote Options
Bonhill Partners
Enterprise Security). Strong experience in SPL (Search Processing Language) and log analysis. Deep understanding of security monitoring, incident response, and threat detection methodologies. Familiarity with MITRE ATT&CK, cyber kill chain, and common attack vectors (phishing, malware, insider threats). Experience with EDR tools (e.g., CrowdStrike, SentinelOne), firewalls, IDS/IPS, and SOAR platforms.
London, South East, England, United Kingdom Hybrid/Remote Options
VIQU IT Recruitment
2nd line or similar). Strong hands-on experience in threat investigation, log analysis, and remediation. Good understanding of common security frameworks and practices (e.g., MITRE ATT&CK, NIST, ISO 27001). Familiarity with a range of security tools and platforms – experience with Microsoft Sentinel is desirable but not essential. Excellent communication skills – able
City of London, London, United Kingdom Hybrid/Remote Options
RiverSafe
threat intel teams to refine detections. Skills: Proven experience in SIEM content development & threat detection. Strong expertise with Microsoft Sentinel, Azure & Logic Apps. Deep knowledge of MITRE ATT&CK, attacker TTPs & security principles. Strong analytical & problem-solving skills.