1 to 25 of 62 MITRE ATT&CK Jobs in London

movement, and data exfiltration. Strong hands-on experience with SIEM, EDR, IDS/IPS, and forensic analysis tools. Expertise in threat cyber security frameworks such as MITRE ATT&CK and Cyber Kill Chains. Strong analytical and problem-solving skills, with an investigative mindset to identify security threats. Experience with malware analysis, including static and dynamic More ❯

Bash). Strong understanding of SOC processes, including incident response and threat detection. Experience with SIEM platforms (e.g., Splunk). Knowledge of security frameworks (e.g., NIST, MITRE ATT&CK). Skills Proficiency in automation tools (e.g., SOAR platforms, Ansible, Phantom). Expertise in scripting languages (e.g., Python, PowerShell, Bash). Strong knowledge of SOC processes … . Ability to integrate and automate security tools. Strong problem-solving and analytical skills. Experience in developing automated workflows and playbooks. Knowledge of security frameworks (e.g., MITRE ATT&CK, NIST). Strong collaboration and communication skills. Experience with log management and event correlation automation. Experience 3-5 years of experience in SOC or cybersecurity roles. … incident response, and threat detection. Experience with SIEM platforms (e.g., Splunk, QRadar, ArcSight). Experience developing and managing automated response workflows. Familiarity with security frameworks like MITRE ATT&CK or NIST. Experience working with security log management and event correlation tools. Additional Information What will happen next? If the opportunity sounds interesting to you, please More ❯

development. Experience with Infrastructure as Code (IaC) tools, particularly Terraform. Solid understanding of security monitoring, logging, and alerting concepts. Familiarity with common security frameworks (e.g., NIST, MITRE ATT&CK, OWASP Top 10). Preferred Qualifications Google Professional Cloud Security Engineer certification or equivalent (e.g., CISSP, CISM, AWS/Azure Security Certs). Experience with incident More ❯

development. Experience with Infrastructure as Code (IaC) tools, particularly Terraform. Solid understanding of security monitoring, logging, and alerting concepts. Familiarity with common security frameworks (e.g., NIST, MITRE ATT&CK, OWASP Top 10). Preferred Qualifications Google Professional Cloud Security Engineer certification or equivalent (e.g., CISSP, CISM, AWS/Azure Security Certs). Experience with incident More ❯

development. Experience with Infrastructure as Code (IaC) tools, particularly Terraform. Solid understanding of security monitoring, logging, and alerting concepts. Familiarity with common security frameworks (e.g., NIST, MITRE ATT&CK, OWASP Top 10). Preferred Qualifications Google Professional Cloud Security Engineer certification or equivalent (e.g., CISSP, CISM, AWS/Azure Security Certs). Experience with incident More ❯

Falcon platform Scripting experience in Python , PowerShell , or Bash . Experience with REST APIs and JSON for tool integration. Working knowledge of incident response frameworks and MITRE ATT&CK. Strong problem-solving, critical thinking, and communication skills. Desirable Qualifications Experience with CI/CD for playbook development and version control (e.g., Git). Familiarity with other SOC More ❯

systems, and security principles Proficiency with security tools like LogRhythm, Qualys, SCCM, Intune, Microsoft 365, AD, and enterprise anti-malware Technical knowledge in network segmentation, firewalls, Mitre Att&ck, Windows, Linux, and Mac, with experience in NIST standards and frameworks About You Bring strong analytical, problem-solving, and interpersonal skills to collaborate across teams and More ❯

CrowdStrike Falcon platform Scripting experience in Python, PowerShell, or Bash. Experience with REST APIs and JSON for tool integration. Working knowledge of incident response frameworks and MITRE ATT&CK. Strong problem-solving, critical thinking, and communication skills. Desirable Qualifications Experience with CI/CD for playbook development and version control (e.g., Git). Familiarity with other SOC More ❯

behavioural analytics, network traffic analysis, and threat intelligence. * Incident response skills, including proficiency in PCAP capture, network analysis, and traffic pattern recognition. * Knowledge of attack techniques (MITRE ATT&CK framework, malware analysis, and intrusion detection). * Proficiency in analyzing network traffic (PCAP), endpoint logs, IDS/IPS alerts, and security telemetry. * Stakeholder management skills, with More ❯

NIST 800-61 incident response lifecycle, including containment, eradication, and recovery. Experience in digital forensics, including evidence acquisition and chain-of-custody practices. Familiarity with frameworks such as MITRE ATTACK, Lockheed Martin Kill Chain, or the Diamond Model. Ability to perform dynamic malware analysis. Knowledge of open-source IR tools such as Velociraptor, Eric Zimmerman Tools, Chainsaw, Volatility More ❯

technical experience in computer forensics for cyber incident response and investigations. Understanding of best practices (NPCC, NIST, ISO17025) in evidence handling, systems, and tools. Knowledge of MITRE ATT&CK, Cyber Kill Chain, network topology, and EDR solutions. Expertise in multiple operating systems (Microsoft, Linux), cloud services (Microsoft 365, Azure, AWS, Google Workspace), and on-premise More ❯

following areas as possible, and be able to demonstrate it: Security Detection and Monitoring Detection Engineering Malware Analysis (Static and Dynamic) Threat Hunting and Threat Intelligence (MITRE ATT&CK) Penetration Testing Security Automation (SOAR) It would help if you had experience with the following: SIEM tools (Microsoft Sentinel, Splunk, ELK, Siemplify) Vulnerability Management (Qualys, Nessus More ❯

and effective detection capabilities. Key Responsibilities Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code … content (e.g. SIEM rules, correlation searches and detection-as-code signatures) to proactively identify malicious behaviour and improve threat visibility and reduce false positives Familiarity with MITRE ATT&CK framework and threat detection lifecycle. More ❯

and effective detection capabilities. Key Responsibilities Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code … content (e.g. SIEM rules, correlation searches and detection-as-code signatures) to proactively identify malicious behaviour and improve threat visibility and reduce false positives Familiarity with MITRE ATT&CK framework and threat detection lifecycle. More ❯

and effective detection capabilities. Key Responsibilities Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code … content (e.g. SIEM rules, correlation searches and detection-as-code signatures) to proactively identify malicious behaviour and improve threat visibility and reduce false positives Familiarity with MITRE ATT&CK framework and threat detection lifecycle. More ❯

concepts clearly to technical audiences. Strong knowledge of relevant security frameworks and standards (e.g., NIST CSF, CIS Benchmarks, OWASP ASVS). Exposure and knowledge of the MITRE ATT&CK framework. Experience effectively coordinating external penetration testing engagements and managing remediation efforts. Nice to have Relevant advanced security certifications (e.g., AWS Certified Security - Specialty, CISSP, CCSP More ❯

must have demonstrable expertise with monitoring and securing enterprise class technology estates. You will have proven experience with Cyber Security best practice including remediations for the MITRE ATT&CK Framework and NIST Cloud Security guidelines. You will support ISO 27001 compliance and have strong documentation skills. Experience in the Telco sector and knowledge of the More ❯

experience in Security Operations and Incident Response You have experience of performing analysis with SIEM technologies, Splunk preferred You have experience with proactive threat hunting using MITRE ATT&CK or similar frameworks You have a deep understanding of security appliances/tools such as host-based and network-based IDS/IPS, WAF, EDR You More ❯

capability. A keen interest in current cybersecurity developments, with awareness of emerging threats, attacker techniques, and known vulnerabilities. Working knowledge of industry recognized frameworks such as MITRE ATT&CK, and an understanding of key compliance requirements including ISO 27001 and Cyber Essentials Plus. Hands-on experience with Microsoft security technologies, particularly within Azure ecosystems, and More ❯

trenches and know what it takes to stay ahead of threat actors. Ideally, you bring: Hands-on experience with SIEM platforms , especially Splunk. Strong familiarity with MITRE ATT&CK , intrusion detection/prevention systems, and malware behaviour. Confidence in network traffic analysis (PCAP, NetFlow) and endpoint forensics. The ability to explain technical risk in plain More ❯

trenches and know what it takes to stay ahead of threat actors. Ideally, you bring: Hands-on experience with SIEM platforms , especially Splunk. Strong familiarity with MITRE ATT&CK , intrusion detection/prevention systems, and malware behaviour. Confidence in network traffic analysis (PCAP, NetFlow) and endpoint forensics. The ability to explain technical risk in plain More ❯

stakeholders. Qualifications Your Skills & Experience We seek candidates with experience in: Proficiency in GCP (essential) Security architecture principles, frameworks, and best practices Threat modeling methodologies like MITRE ATT&CK, STRIDE, PASTA Cybersecurity experience of 5+ years Security practices including authentication, authorization, logging, encryption, infrastructure security, network segmentation Knowledge of cloud security frameworks Rest API knowledge More ❯

CompTIA, GIAC. Strong experience with: LAN/WAN, routing protocols, and data centre support Azure, Office 365, Intune, on-prem infrastructure Incident handling frameworks (e.g., MITRE ATT&CK) Endpoint detection and response (EDR), SIEM tools Clear understanding of GDPR, NIST, and other regulatory standards. Confident communicator with strong problem-solving and documentation skills. What’s More ❯

Cloud, Sysdig, Splunk and Logrythm to Open Source tools such as falco, kube-hunter, and kube-bench. Knowledge and experience of hardening guides, compliance standards and MITRE ATT&CK and Adversary Tools, Techniques and Procedures. Security related qualifications such as OSCP, Cloud Provider Security certifications, or CISSP A desire to learn, or experience with: CLI More ❯

REST APIs Log ingestion and parsing across multi platforms (Azure/AWS/GCP, M365, Defender, Entra, Copilot, Carbon Black, Okta + Tier 1 Network vendors) MITRE ATT&CK, threat detection frameworks, IOC enrichment Ability to go and work things out is crucial Sentinel/Log Analytics Cost Management and Data Optimisation What’s In More ❯