1 to 25 of 57 MITRE ATT&CK Jobs in London

Bash). Strong understanding of SOC processes, including incident response and threat detection. Experience with SIEM platforms (e.g., Splunk). Knowledge of security frameworks (e.g., NIST, MITRE ATT&CK). Skills Proficiency in automation tools (e.g., SOAR platforms, Ansible, Phantom). Expertise in scripting languages (e.g., Python, PowerShell, Bash). Strong knowledge of SOC processes … . Ability to integrate and automate security tools. Strong problem-solving and analytical skills. Experience in developing automated workflows and playbooks. Knowledge of security frameworks (e.g., MITRE ATT&CK, NIST). Strong collaboration and communication skills. Experience with log management and event correlation automation. Experience 3-5 years of experience in SOC or cybersecurity roles. … incident response, and threat detection. Experience with SIEM platforms (e.g., Splunk, QRadar, ArcSight). Experience developing and managing automated response workflows. Familiarity with security frameworks like MITRE ATT&CK or NIST. Experience working with security log management and event correlation tools. Additional Information What will happen next? If the opportunity sounds interesting to you, please More ❯

Perform advanced threat hunting and root cause analysis across cloud workloads, Kubernetes clusters, APIs, and user activity. Integrate external threat intelligence feeds, aligning TTPs with the MITRE ATT&CK framework. Drive continuous improvement by conducting regular purple team exercises and scenario-based tabletop tests. Cloud Security Engineering Work hands-on with GCP security controls, including … services, ideally under PCI-DSS, ISO 27001, or SOC 2. Strong Scripting or automation experience (Python, Terraform, Bash). Knowledge of threat modelling and attack frameworks (MITRE ATT&CK, Kill Chain). Familiarity with Kubernetes (GKE), container security, API hardening. Nice to Have Certifications such as: Google Professional Cloud Security Engineer CISSP, CISM, GCIH, or … GCIA Experience implementing Zero Trust Architecture in a cloud-native environment. Familiarity with OPA/Gatekeeper, Kubernetes Admission Controllers. Background in red teaming or adversary simulation (MITRE Caldera, Atomic Red Team). Experience working with BigQuery, Data Loss Prevention (DLP) tools, and Key Management Systems (KMS). Why This Role? Work directly with engineering, DevSecOps, and compliance leadership. More ❯

Perform advanced threat hunting and root cause analysis across cloud workloads, Kubernetes clusters, APIs, and user activity. Integrate external threat intelligence feeds, aligning TTPs with the MITRE ATT&CK framework. Drive continuous improvement by conducting regular purple team exercises and scenario-based tabletop tests. Cloud Security Engineering Work hands-on with GCP security controls, including … services, ideally under PCI-DSS, ISO 27001, or SOC 2. Strong Scripting or automation experience (Python, Terraform, Bash). Knowledge of threat modelling and attack frameworks (MITRE ATT&CK, Kill Chain). Familiarity with Kubernetes (GKE), container security, API hardening. Nice to Have Certifications such as: Google Professional Cloud Security Engineer CISSP, CISM, GCIH, or … GCIA Experience implementing Zero Trust Architecture in a cloud-native environment. Familiarity with OPA/Gatekeeper, Kubernetes Admission Controllers. Background in red teaming or adversary simulation (MITRE Caldera, Atomic Red Team). Experience working with BigQuery, Data Loss Prevention (DLP) tools, and Key Management Systems (KMS). Why This Role? Work directly with engineering, DevSecOps, and compliance leadership. More ❯

systems, and security principles Proficiency with security tools like LogRhythm, Qualys, SCCM, Intune, Microsoft 365, AD, and enterprise anti-malware Technical knowledge in network segmentation, firewalls, Mitre Att&ck, Windows, Linux, and Mac, with experience in NIST standards and frameworks About You Bring strong analytical, problem-solving, and interpersonal skills to collaborate across teams and More ❯

cybersecurity, with 2+ in SOC or security engineering. Strong experience with SIEM/SOAR (e.g., Splunk, Sentinel). Proficient in scripting (Python, PowerShell). Knowledge of MITRE ATT&CK and incident response. Experience in regulated financial environments. Nice to Have: SOC certifications (e.g., GCIH, GCIA), Splunk Certified User/Admin. Familiarity with cloud logging (CloudTrail More ❯

behavioural analytics, network traffic analysis, and threat intelligence. * Incident response skills, including proficiency in PCAP capture, network analysis, and traffic pattern recognition. * Knowledge of attack techniques (MITRE ATT&CK framework, malware analysis, and intrusion detection). * Proficiency in analyzing network traffic (PCAP), endpoint logs, IDS/IPS alerts, and security telemetry. * Stakeholder management skills, with More ❯

Play a pivotal role in incident response and root cause analysis for complex security issues Drive automation of processes, implement best practice frameworks (NIST, ISO 27001, MITRE ATT&CK), and ensure thorough documentation of systems and workflows Engage with vendors, test and deploy security technologies, and contribute to technical decision-making What We're Looking More ❯

NIST 800-61 incident response lifecycle, including containment, eradication, and recovery. Experience in digital forensics, including evidence acquisition and chain-of-custody practices. Familiarity with frameworks such as MITRE ATTACK, Lockheed Martin Kill Chain, or the Diamond Model. Ability to perform dynamic malware analysis. Knowledge of open-source IR tools such as Velociraptor, Eric Zimmerman Tools, Chainsaw, Volatility More ❯

behavioral analytics, network traffic analysis, and threat intelligence. Incident response skills, including proficiency in PCAP capture, network analysis, and traffic pattern recognition. Knowledge of attack techniques (MITRE ATT&CK framework, malware analysis, and intrusion detection). Proficiency in analyzing network traffic (PCAP), endpoint logs, IDS/IPS alerts, and security telemetry. Stakeholder management skills, with More ❯

technical experience in computer forensics for cyber incident response and investigations. Understanding of best practices (NPCC, NIST, ISO17025) in evidence handling, systems, and tools. Knowledge of MITRE ATT&CK, Cyber Kill Chain, network topology, and EDR solutions. Expertise in multiple operating systems (Microsoft, Linux), cloud services (Microsoft 365, Azure, AWS, Google Workspace), and on-premise More ❯

following areas as possible, and be able to demonstrate it: Security Detection and Monitoring Detection Engineering Malware Analysis (Static and Dynamic) Threat Hunting and Threat Intelligence (MITRE ATT&CK) Penetration Testing Security Automation (SOAR) It would help if you had experience with the following: SIEM tools (Microsoft Sentinel, Splunk, ELK, Siemplify) Vulnerability Management (Qualys, Nessus More ❯

and effective detection capabilities. Key Responsibilities Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code … content (e.g. SIEM rules, correlation searches and detection-as-code signatures) to proactively identify malicious behaviour and improve threat visibility and reduce false positives Familiarity with MITRE ATT&CK framework and threat detection lifecycle. More ❯

and effective detection capabilities. Key Responsibilities Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code … content (e.g. SIEM rules, correlation searches and detection-as-code signatures) to proactively identify malicious behaviour and improve threat visibility and reduce false positives Familiarity with MITRE ATT&CK framework and threat detection lifecycle. More ❯

and effective detection capabilities. Key Responsibilities Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code … content (e.g. SIEM rules, correlation searches and detection-as-code signatures) to proactively identify malicious behaviour and improve threat visibility and reduce false positives Familiarity with MITRE ATT&CK framework and threat detection lifecycle. More ❯

must have demonstrable expertise with monitoring and securing enterprise class technology estates. You will have proven experience with Cyber Security best practice including remediations for the MITRE ATT&CK Framework and NIST Cloud Security guidelines. You will support ISO 27001 compliance and have strong documentation skills. Experience in the Telco sector and knowledge of the More ❯

capability. A keen interest in current cybersecurity developments, with awareness of emerging threats, attacker techniques, and known vulnerabilities. Working knowledge of industry recognized frameworks such as MITRE ATT&CK, and an understanding of key compliance requirements including ISO 27001 and Cyber Essentials Plus. Hands-on experience with Microsoft security technologies, particularly within Azure ecosystems, and More ❯

trenches and know what it takes to stay ahead of threat actors. Ideally, you bring: Hands-on experience with SIEM platforms , especially Splunk. Strong familiarity with MITRE ATT&CK , intrusion detection/prevention systems, and malware behaviour. Confidence in network traffic analysis (PCAP, NetFlow) and endpoint forensics. The ability to explain technical risk in plain More ❯

trenches and know what it takes to stay ahead of threat actors. Ideally, you bring: Hands-on experience with SIEM platforms , especially Splunk. Strong familiarity with MITRE ATT&CK , intrusion detection/prevention systems, and malware behaviour. Confidence in network traffic analysis (PCAP, NetFlow) and endpoint forensics. The ability to explain technical risk in plain More ❯

trenches and know what it takes to stay ahead of threat actors. Ideally, you bring: Hands-on experience with SIEM platforms , especially Splunk. Strong familiarity with MITRE ATT&CK , intrusion detection/prevention systems, and malware behaviour. Confidence in network traffic analysis (PCAP, NetFlow) and endpoint forensics. The ability to explain technical risk in plain More ❯

stakeholders. Qualifications Your Skills & Experience We seek candidates with experience in: Proficiency in GCP (essential) Security architecture principles, frameworks, and best practices Threat modeling methodologies like MITRE ATT&CK, STRIDE, PASTA Cybersecurity experience of 5+ years Security practices including authentication, authorization, logging, encryption, infrastructure security, network segmentation Knowledge of cloud security frameworks Rest API knowledge More ❯

automation in CI/CD pipelines. Familiarity with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Knowledge of OWASP Top 10, CWE, CVSS, MITRE ATT&CK and NIST frameworks. Experience conducting threat modelling, code reviews and penetration testing. Excellent communication skills with the ability to influence and educate development teams. Security certifications More ❯

automation in CI/CD pipelines. Familiarity with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Knowledge of OWASP Top 10, CWE, CVSS, MITRE ATT&CK and NIST frameworks. Experience conducting threat modelling, code reviews and penetration testing. Excellent communication skills with the ability to influence and educate development teams. Security certifications More ❯

Cloud, GCP Security Command Center) Detection engineering using KQL, particularly with Microsoft Sentinel Familiarity with Kubernetes, Docker, and securing containerised services Understanding of Zero Trust Architecture, MITRE ATT&CK, and cloud threat models Experience with SOAR platforms and automation pipelines Scripting or programming skills (Python, PowerShell, Bash, etc.) Interviews are moving fast — apply now or More ❯

automation in CI/CD pipelines. Familiarity with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). Knowledge of OWASP Top 10, CWE, CVSS, MITRE ATT&CK and NIST frameworks. Experience conducting threat modelling, code reviews and penetration testing. Excellent communication skills with the ability to influence and educate development teams. Security certifications More ❯

Cloud, GCP Security Command Center) Detection engineering using KQL, particularly with Microsoft Sentinel Familiarity with Kubernetes, Docker, and securing containerised services Understanding of Zero Trust Architecture, MITRE ATT&CK, and cloud threat models Experience with SOAR platforms and automation pipelines Scripting or programming skills (Python, PowerShell, Bash, etc.) Interviews are moving fast — apply now or More ❯