1 to 25 of 66 MITRE ATT&CK Jobs in the South East

development. Experience with Infrastructure as Code (IaC) tools, particularly Terraform. Solid understanding of security monitoring, logging, and alerting concepts. Familiarity with common security frameworks (e.g., NIST, MITRE ATT&CK, OWASP Top 10). Preferred Qualifications Google Professional Cloud Security Engineer certification or equivalent (e.g., CISSP, CISM, AWS/Azure Security Certs). Experience with incident More ❯

command organisation or reporting structure and in security solution design and security architecture experience; working as a security architect with business partners Detailed understanding of the MITRE ATT&CK and D3fend Framework and the Cyber Kill Chain Detailed understanding of using Cyber Threat Intelligence in support of a Managed Security Service organisation An understanding of More ❯

. Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ). Skilled in incident response and threat intelligence analysis . Familiarity with Mitre Att&ck framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. Able to provide mentorship and leadership within a SOC team. Desirable (Nice-to-Have … SIEM platforms ( Microsoft Sentinel , Splunk ). Leading incident response and driving improvements in detection and containment strategies. Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck . Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre . Staying abreast of cyber threat developments and contributing to More ❯

advanced SIEM platforms (Microsoft Sentinel, Splunk) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyber threat developments and contributing to best practices … Sentinel and Splunk Solid understanding of network protocols and infrastructure (eg TCP/IP, VPNs, Firewalls) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities The ability to provide mentorship and leadership within a SOC team To apply for More ❯

Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide mentorship and leadership within a SOC team Desirable (Nice-to-Have … advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyber threat developments and contributing to best practices More ❯

Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide mentorship and leadership within a SOC team Desirable (Nice-to-Have … advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyber threat developments and contributing to best practices More ❯

firewalls). Analytical Skills: Proficiency in analysing log sources and data normalization using platforms such as Splunk, Elastic, or similar. Frameworks & Methodologies: Deep knowledge of the MITRE ATT&CK framework, Cyber Kill Chain, NIST, and related methodologies. Communication: Excellent verbal and written communication skills, with the ability to work both independently and collaboratively. Desirable Certifications More ❯

on how to tailor reports to show improvements and learnings In depth understanding of modern attack techniques and flows Clear and demonstratable understanding of NIST and MITRE Att&ck Methodologies Experience in cloud environments (Ideally Azure) Strong communication skills with evidence of being in a position responsible for taking feedback from technical teams and turning … related qualifications (e.g SANS 504) At least 3 years of experience working in an Incident Response position. Experienced responding to global complex security events Experienced using NIST or MITRE frameworks to deploy defensive plans and/or actions Experience explaining the risk of security threats and creating mitigations. Experience of general IT infrastructure technologies and principles. Experience of More ❯

on how to tailor reports to show improvements and learnings In depth understanding of modern attack techniques and flows Clear and demonstratable understanding of NIST and MITRE Att&ck Methodologies Experience in cloud environments (Ideally Azure) Strong communication skills with evidence of being in a position responsible for taking feedback from technical teams and turning … related qualifications (e.g SANS 504) At least 3 years of experience working in an Incident Response position. Experienced responding to global complex security events Experienced using NIST or MITRE frameworks to deploy defensive plans and/or actions Experience explaining the risk of security threats and creating mitigations. Experience of general IT infrastructure technologies and principles. Experience of More ❯

incident detection and response activities from triage through to post-incident reviews. Develop and mature our threat hunting and threat detection capabilities, using industry frameworks like MITRE ATT&CK. Design and implement custom Microsoft Sentinel use cases, analytics rules, workbooks, and automation playbooks. Tune and optimize our SIEM and log management pipelines to reduce false positives and … hunting methodologies, and endpoint/network security tools. Experience leading complex incident response investigations and containment efforts. Solid understanding of threat actor tactics and frameworks (e.g., MITRE ATT&CK, Cyber Kill Chain). Knowledge of standards and compliance frameworks like NIST, ISO 27001, PCI-DSS, and GDPR. Relevant certifications (e.g., CISSP, GIAC, OSCP, CREST) are More ❯

Perl/PowerShell. Experience collaborating with legal, compliance, and business continuity teams during major incidents Familiarity with frameworks such as NIST 800-61, ISO 27035, or MITRE ATT&CK for incident response planning and execution GIAC Certification GCFE/GCFA/GREM/GNFA/GCIA/GMON Certification in Azure/AWS/GCP More ❯

security incidents using SIEM tools like Microsoft Sentinel and Splunk Lead incident response efforts and develop detection strategies Tune and improve detection rules using frameworks like MITRE ATT&CK Collaborate to enhance the SOC's capabilities Stay updated on cyber threats and share knowledge with the team Mentor junior analysts and foster a positive team … with SIEM platforms such as Microsoft Sentinel and Splunk Knowledge of network protocols , VPNs, and firewalls Experience in incident response and threat analysis Familiarity with the MITRE ATT&CK framework Attention to detail and problem-solving skills Enjoy sharing knowledge and mentoring others Bonus Points Certifications like CRT , OSCP , or similar Experience in SC or … in a SOC environment (SOC Level 2 or above) Leadership or team management experience Proficiency with SIEM platforms, especially Microsoft Sentinel and Splunk Knowledge of the MITRE ATT&CK framework Understanding of network protocols, web and client-server applications, firewalls, VPNs, antivirus tools, and databases Why This Is a Great Opportunity Benefits include 25 days More ❯

SIEM tools like Microsoft Sentinel and Splunk Taking the lead on incident response and helping shape detection strategies Tuning and improving detection rules using frameworks like MITRE ATT&CK Working with your team to strengthen the SOCs overall capability Staying up to date on cyber threats and sharing your knowledge with the team Mentoring junior … on knowledge of SIEM platforms (Microsoft Sentinel, Splunk) Great understanding of network protocols , VPNs, and firewalls Experience in incident response and threat analysis Familiarity with the MITRE ATT&CK framework A keen eye for detail and strong problem-solving skills Someone who enjoys sharing knowledge and guiding others Bonus Points If You Have: Certifications like … Level 2 or above) Previous experience leading or managing a team Hands-on familiarity with SIEM platforms especially Microsoft Sentinel and Splunk Working knowledge of the MITRE ATT&CK framework for threat detection Strong understanding of: Network protocols (TCP/IP, SMTP, HTTP, FTP, etc.) Web and client-server applications Firewalls, VPNs, antivirus tools, and More ❯

Azure AD, LDAP, iDP (identity providers) Email authentication (SPF, DKIM, DMARC) Networking and protocols such as DNS, LDAP, HTTP Experience with security standards and frameworks such as ISO, MITRE and/or NIST CISSP, CCSP or other industry certification is beneficial. In addition to the above, if you have a consultative approach to problem solving and/or More ❯

and effective detection capabilities. Key Responsibilities Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code … content (e.g. SIEM rules, correlation searches and detection-as-code signatures) to proactively identify malicious behaviour and improve threat visibility and reduce false positives Familiarity with MITRE ATT&CK framework and threat detection lifecycle. More ❯

line management to SOC Analysts Enhancing team knowledge across SOC tooling, detection methodologies, and threat triage Analyzing and optimizing detection rules and use cases based on MITRE ATT&CK Maintaining detailed and up-to-date incident documentation, findings, and mitigation strategies Acting as a representative of the SOC in key meetings and internal stakeholder engagements … a Security Operations Centre (SOC) environment Qualified at SOC Level 2 Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the MITRE ATT&CK Framework for detection and threat analysis Experience of static malware analysis and reverse engineering (desirable) Scripting or programming with Python, Perl, Bash, PowerShell or C++ (desirable More ❯

capability. A keen interest in current cybersecurity developments, with awareness of emerging threats, attacker techniques, and known vulnerabilities. Working knowledge of industry recognized frameworks such as MITRE ATT&CK, and an understanding of key compliance requirements including ISO 27001 and Cyber Essentials Plus. Hands-on experience with Microsoft security technologies, particularly within Azure ecosystems, and More ❯

capability. A keen interest in current cybersecurity developments, with awareness of emerging threats, attacker techniques, and known vulnerabilities. Working knowledge of industry recognized frameworks such as MITRE ATT&CK, and an understanding of key compliance requirements including ISO 27001 and Cyber Essentials Plus. Hands-on experience with Microsoft security technologies, particularly within Azure ecosystems, and More ❯

capability. A keen interest in current cybersecurity developments, with awareness of emerging threats, attacker techniques, and known vulnerabilities. Working knowledge of industry recognized frameworks such as MITRE ATT&CK, and an understanding of key compliance requirements including ISO 27001 and Cyber Essentials Plus. Hands-on experience with Microsoft security technologies, particularly within Azure ecosystems, and More ❯

capability. A keen interest in current cybersecurity developments, with awareness of emerging threats, attacker techniques, and known vulnerabilities. Working knowledge of industry recognized frameworks such as MITRE ATT&CK, and an understanding of key compliance requirements including ISO 27001 and Cyber Essentials Plus. Hands-on experience with Microsoft security technologies, particularly within Azure ecosystems, and More ❯

capability. A keen interest in current cybersecurity developments, with awareness of emerging threats, attacker techniques, and known vulnerabilities. Working knowledge of industry recognized frameworks such as MITRE ATT&CK, and an understanding of key compliance requirements including ISO 27001 and Cyber Essentials Plus. Hands-on experience with Microsoft security technologies, particularly within Azure ecosystems, and More ❯

About You Have a minimum of 3 years experience working in a SOC environment Working knowledge in the following areas: Unix, Linux, Windows, etc. operating systems MITRE ATT&CK Framework Exploits, vulnerabilities, network attacks Networking concepts/understanding of networking protocols. Packet analysis tools (tcpdump, Wireshark, ngrep, etc.) Keen problem solving/troubleshooting skills Strong More ❯

DevSecOps, IaC (Terraform), CI/CD pipelines, and tools like Veracode, Trivy, and Checkov. Familiarity with standards such as CIS, NIST, GDPR, ISO and frameworks like MITRE ATT&CK. Strong programming/scripting skills (Python, Go, Groovy) with a clean, secure coding ethos. Ideal Candidate Profile: Expert in Azure cloud security services (Defender for Cloud, Azure Sentinel More ❯

DevSecOps, IaC (Terraform), CI/CD pipelines, and tools like Veracode, Trivy, and Checkov. Familiarity with standards such as CIS, NIST, GDPR, ISO and frameworks like MITRE ATT&CK. Strong programming/scripting skills (Python, Go, Groovy) with a clean, secure coding ethos. Ideal Candidate Profile: Expert in Azure cloud security services (Defender for Cloud, Azure Sentinel More ❯

Operations Centre (SOC) environment Previous people management or line management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier web environments Relational databases , firewalls , VPNs , enterprise AntiVirus solutions Networking … capability and supporting career progression Enhancing team knowledge across SOC tooling , detection methodologies , and threat triage Analysing and optimising detection rules and use cases based on Mitre Att&ck Maintaining detailed and up-to-date incident documentation , findings, and mitigation strategies Acting as a representative of the SOC in key meetings and internal stakeholder engagements More ❯