1 to 25 of 32 MITRE ATT&CK Jobs in London

red team automation Detection Engineering Collaboration : Ability to translate offensive findings into detection logic and partner with SOC teams to improve alerting and response. Threat Modelling & MITRE ATT&CK : Strong understanding of attacker TTPs and ability to map findings to frameworks like MITRE ATT&CK and the Cyber Kill Chain. … red/purple teaming, adversary emulation, and vulnerability exploitation. - Proficiency with tools such as Cobalt Strike, Metasploit, Burp Suite, BloodHound, and custom scripting. - Strong understanding of MITRE ATT&CK, cyber kill chain, and threat-informed defense. - Experience integrating offensive security into CI/CD pipelines and cloud-native environments. - Relevant certifications (e.g., OSCP, OSCE, CRTO More ❯

positives. Output activities from refinement sessions such as development and/or refinement of rules and workbooks. Optimisation activities such as log utilisation tracking and refinement. MITRE ATT&CK heat map coverage. Working with internal ITC teams and the Customer to identify any onboarding or offboarding projects of appropriate log sources necessary for effective security … LLD (co-management activity). Skills required: Hands-on MXDR/SIEM experience (e.g., Sentinel, Splunk, QRadar) Strong telemetry parsing/enrichment skills Solid grasp of MITRE ATT&CK & threat-detection best practices Clear communicator with a customer-focused mindset Passion for continuous improvement in cyber defence Please apply within for further details. Alex Reeder More ❯

vulnerabilities. Ability to coordinate and chair regular meetings and workshops with multiple stakeholders to provide guidance, collaboration and oversight of vulnerability remediation initiatives. Excellent understanding of MITRE ATT&CK framework, adversary tactics and techniques. Confidence in presenting information and acting as a source of SME knowledge and guidance. Analytical, conceptual thinking, planning and execution skills. … responsibility models. Strong communication skills with the ability to explain complex security issues to non-technical stakeholders. Knowledge of Zero Trust architecture and security frameworks (e.g., MITRE ATT&CK). Experience in red/blue team exercises. Familiarity with cloud-native security tools and infrastructure-as-code (e.g., Azure Policy, ARM/Bicep, Terraform). More ❯

strategies (e.g., Zscaler, Cisco Umbrella, Infoblox) and their role in threat containment Deep knowledge of Zero Trust Architecture, lateral movement prevention, and alignment to frameworks like MITRE ATT&CK and NIST CSF Excellent communication skills with the ability to influence technical and business stakeholders across all levels of an organization Experience supporting RFP/RFI … and implementation capabilities. Provide input to product teams on feature gaps or enhancements based on customer feedback. Stay abreast of the latest threat trends, frameworks (e.g., MITRE ATT&CK, Zero Trust), and regulatory requirements. Set yourself apart: Industry certifications such as CISSP, SC-200, PCNSE, Fortinet NSE, CCFR, or Zscaler Certified Expert Experience designing or More ❯

integrate with security monitoring frameworks. Develop and oversee vulnerability management programs, ensuring alignment with industry standards. Provide subject matter expertise on cyber security frameworks, including NIST, MITRE ATT&CK, and Kill Chain methodologies. About You: Proven experience in Cyber Security, with a focus on incident response, security monitoring, and threat intelligence. Strong knowledge of security … tools and network protocol analysis (e.g., Wireshark). Familiarity with cloud security assessments and industry benchmarks such as CIS. Experience with security frameworks such as NIST, MITRE ATT&CK, and the Cyber Kill Chain. Certifications such as GCIA, GCIH, or GCFA are highly desirable. Package: £70,000 - £75,000 Junior £80,000 - £90,000 Senior More ❯

integrate with security monitoring frameworks. Develop and oversee vulnerability management programs, ensuring alignment with industry standards. Provide subject matter expertise on cyber security frameworks, including NIST, MITRE ATT&CK, and Kill Chain methodologies. About You: Proven experience in Cyber Security, with a focus on incident response, security monitoring, and threat intelligence. Strong knowledge of security … tools and network protocol analysis (e.g., Wireshark). Familiarity with cloud security assessments and industry benchmarks such as CIS. Experience with security frameworks such as NIST, MITRE ATT&CK, and the Cyber Kill Chain. Certifications such as GCIA, GCIH, or GCFA are highly desirable. Package: £70,000 - £75,000 Junior £80,000 - £90,000 Senior More ❯

of use cases, threat intelligence, and vulnerability management. Key Responsibilities Lead the DFIR function, overseeing incident detection, investigation, and response activities. Develop and implement IR methodologies (MITRE ATT&CK, Kill Chain, Threat Modelling, Diamond Model). Conduct forensic investigations on systems, networks, and endpoints. Refine threat hunting and threat intelligence capabilities. Support and mature security … cyber incident response teams. Deep technical knowledge of IR and forensic analysis (eg Wireshark, packet capture, host-based artifacts). Strong understanding of security monitoring frameworks (MITRE ATT&CK, NIST, etc.). Experience working in financial services or a regulated environment preferred. Hands-on experience with SIEM tools, network forensics, and endpoint detection. Knowledge of More ❯

for end-to-end incident response operations, including triage, containment, root cause analysis, and post-incident reporting. Perform threat hunting and proactive detection using frameworks like MITRE ATT&CK and threat intelligence. Maintain and enhance SOC playbooks, runbooks, and standard operating procedures to stay aligned with evolving threats and compliance requirements. Hands on with scripting … with security automation; scripting in Python is a strong advantage. Solid understanding of incident response processes, threat intelligence, and security monitoring. Familiarity with frameworks such as MITRE ATT&CK, NIST, and OWASP. Exposure to secure coding practices and DevSecOps environments is a strong plus (not mandatory) Experience working in large enterprise environments and supporting complex More ❯

Key Responsibilities Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code principles to manage detection … content (e.g. SIEM rules, correlation searches and detection-as-code signatures) to proactively identify malicious behaviour and improve threat visibility and reduce false positives Familiarity with MITRE ATT&CK framework and threat detection lifecycle. More ❯

Depth model. Detective monitoring such as Splunk Vulnerability Management - patching techniques Suggested Experience in SOAR system (Phantom) Experience in Anomali Threat Intelligence Platform Analysis based on MITRE ATT&CK Framework Education/Qualifications: Essential Degree educated and/or equivalent experience. PERSONAL REQUIREMENTS Good communication skills A pro-active, motivated approach. The ability to operate More ❯

and KQL Strong knowledge of Active Directory, Windows/Linux systems, and cloud platforms (Azure, AWS, GCP) Proficiency in scripting (PowerShell, Python) Familiarity with security frameworks (MITRE ATT&CK, NIST, Kill Chain) Experience with EDR, DLP, Proxy, and SEG tools Desirable Qualifications Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA More ❯

and KQL Strong knowledge of Active Directory, Windows/Linux systems, and cloud platforms (Azure, AWS, GCP) Proficiency in scripting (PowerShell, Python) Familiarity with security frameworks (MITRE ATT&CK, NIST, Kill Chain) Experience with EDR, DLP, Proxy, and SEG tools Desirable Qualifications Certifications: AZ-500, SC-200, SC-900, CompTIA Security+, CISSP, GCIA, GCIH, GCFA More ❯

atomic IOCs, threat actor methodologies, malware, and vulnerabilities Familiarity with the intelligence cycle , structured analytical techniques, and appropriate analytical frameworks (including Cyber Kill Chain, Diamond Model, MITRE ATT&CK) Ability to deliver at pace , find solutions, and adapt in a constantly evolving organization Strong analytical skills , a demonstrated writing abilit y, and excellent verbal communication More ❯

enhancing SOC documentation, SOPs, and playbooks Collaborating with cross-functional teams and contributing to security strategy Ensuring security policies align with standards like NIST, ISO 27001, MITRE ATT&CK We're Looking for Someone With: Expert-level SIEM experience (Azure Sentinel highly preferred) Strong knowledge of Kusto Query Language (KQL) Demonstrated experience in cybersecurity incident More ❯

across diverse environments (cloud, hybrid, manufacturing). - Hands-on expertise with EDR, SOAR tooling, and SASE/SSE technologies. - Deep familiarity with frameworks such as NIST, MITRE ATT&CK, and other industry standards. - Strong stakeholder management skills and the ability to influence at all levels of the business. - A pragmatic, action-oriented approach to reaching More ❯

environment Have knowledge of cybersecurity tools and software like NGFW, EDR, IDS/IPS, EDR, DLP, SIEM, other log management platforms, etc. Be familiar with the MITRE ATT&CK Framework and/or Cyber Kill Chain Be passionate on exploring new technologies and having creative initiative to boost the team capabilities Holders of security related More ❯

experience in Security Operations and Incident Response You have experience of performing analysis with SIEM technologies, Splunk preferred You have experience with proactive threat hunting using MITRE ATT&CK or similar frameworks You have a deep understanding of security appliances/tools such as host-based and network-based IDS/IPS, WAF, EDR You More ❯

years of experience in a cybersecurity analyst role, preferably in a SOC or incident response function. Strong understanding of threat actor TTPs and practical experience applying MITRE ATT&CK or similar frameworks. Hands-on experience with SIEM, EDR, and NDR platforms. Familiarity with cloud environments such as AWS, Azure, and GCP. Solid investigative mindset and More ❯

must have demonstrable expertise with monitoring and securing enterprise class technology estates. You will have proven experience with Cyber Security best practice including remediations for the MITRE ATT&CK Framework and NIST Cloud Security guidelines. You will support ISO 27001 compliance and have strong documentation skills. Experience in the Telco sector and knowledge of the More ❯

must have demonstrable expertise with monitoring and securing enterprise class technology estates. You will have proven experience with Cyber Security best practice including remediations for the MITRE ATT&CK Framework and NIST Cloud Security guidelines. You will support ISO 27001 compliance and have strong documentation skills. Experience in the Telco sector and knowledge of the More ❯

compliance frameworks ISO 27001, NIST, DORA, CREST. TIBER etc.) Willingness to travel to regular F2F end user meetings Familiarity with tools and standards such as OWASP, MITRE ATT&CK etc Self-starter with a results-oriented mindset and the ability to work independently Experience using CRM and sales analytics platforms Ability to thrive in a More ❯

containerised environments. Experience in building or maturing security culture initiatives, including awareness programs, gamified training, or executive engagement. Experience with security testing tools and frameworks (e.g., MITRE ATT&CK, Cobalt Strike, Metasploit, Burp Suite, or similar). About the job The UK Security Operations (SecOps) team in Google Public Sector delivers, operates and secures private More ❯

cyber-attacks. Experience within a Security Operations Centre. Fluent in English, both written and spoken. Excellent presentation and analytical skills. Preferred Skills and Qualifications Understanding of MITRE ATT&CK techniques and ability to explain TTPs to clients. Experience creating SIGMA, SNORT, and YARA rules for detection. Control Risks offers a competitive compensation and benefits package More ❯

better suited to. 8+ years of experience in IoT security, preferably in the medical device or the pharmaceutical industry. Proficiency in security frameworks (e.g., NIST, OWASP, MITRE ATT&CK, PASTA, STRIDE) and standards such as FDA cybersecurity guidance Experience assessing security risks using industry standard methods (penetration test results, threat modeling, security testing) and determining More ❯

strategies (e.g., Zscaler, Cisco Umbrella, Infoblox) and their role in threat containment Deep knowledge of Zero Trust Architecture, lateral movement prevention, and alignment to frameworks like MITRE ATT&CK and NIST CSF Excellent communication skills with the ability to influence technical and business stakeholders across all levels of an organization Experience supporting RFP/RFI More ❯