9 of 9 MITRE ATT&CK Jobs in London

enrichment logic to enhance detections and investigation efficiency Support purple-team activities, threat modelling, and attack-simulation scenarios aligned to MITRE ATT&CK Provide technical escalation support and mentorship to L1/L2 SOC analysts Perform root-cause analysis, identify systemic issues, and drive continuous … Windows, Azure AD/Entra ID, M365, network security, and cloud workloads Advanced knowledge of attacker TTPs, threat intelligence sources, and MITRE ATT&CK mapping Proven experience leading major incidents in an enterprise SOC environment Strong understanding of SOAR automation and experience building Logic Apps ...

tune security tooling such as EDR, DLP, SIEM and SOAR to improve detection and response effectiveness. Apply frameworks such as MITRE ATT&CK and the cyber kill chain to map, detect and disrupt attacker tradecraft. Leverage offensive tooling (Kali, Cobalt Strike, Metasploit, Bloodhound, Mimikatz, etc. … others. Strong experience with security tooling: EDR, DLP, SIEM, SOAR. Solid background in threat investigation and incident response. Good understanding of MITRE ATT&CK, cyber kill chain and common attacker tradecraft. Familiarity with offensive tools such as Kali, Cobalt Strike, Metasploit, Bloodhound, Mimikatz. Strong knowledge ...

Active Directory, Windows/Linux systems, and cloud platforms (Azure, AWS, GCP) Proficiency in scripting (PowerShell, Python) Familiarity with security frameworks (MITRE ATT&CK, NIST, Kill Chain) Experience with EDR, DLP, Proxy, and SEG tools Desirable Qualifications Certifications: AZ-500, SC-200, SC-900, CompTIA ...

engineering, incident response, security engineering, threat hunting, or threat intelligence Strong experience with security tooling (SIEM, SOAR, EDR, DLP) Understanding of MITRE ATT&CK, cyber kill chain, and attacker tradecraft Experience investigating complex security incidents across applications and infrastructure Familiarity with offensive tools (Kali, Cobalt ...

perimeter controls and operating systems Understanding of cloud security controls and container security Experience with EDR tooling and familiarity with the MITRE ATT&CK framework Experience with scripting or basic coding for automation Experience conducting investigations including eDiscovery Industry recognised security certifications such as CISSP ...

Splunk SIEM, to enable the detection of threats across diverse platforms (e.g. cloud, endpoints, and networks) · Use frameworks like MITRE ATT&CK to map detection rules and maximise threat coverage · Use analytical platforms to query high volume datasets to identify trends and spot unusual behaviours ...

ability to work effectively within a collaborative SOC team Desirable Skills Experience with incident documentation and reporting Familiarity with security frameworks (MITRE ATT&CK, NIST, ISO 27001) Ability to adapt quickly to new tools, threats, and operational priorities Any relevant certifications (e.g., Security+, CySA+, Microsoft ...

environments Practical experience building and maintaining SOAR playbooks and automations Good understanding of common attack techniques, TTPs, and frameworks such as MITRE ATT&CK Scripting or automation capability (e.g., Python, PowerShell, JSON, REST APIs) Strong analytical and problem-solving skills with a methodical approach ...

languages (Python, Bash, PowerShell). Experience with cloud security monitoring (AWS, Azure, GCP). Knowledge of frameworks such as NIST and MITRE ATT&CK. Qualifications Bachelor’s degree in Cyber Security, IT, or related field. 3–5 years in SOC operations, incident response, or threat intelligence. Practical ...