1 to 25 of 59 MITRE ATT&CK Jobs in the UK

commercial platforms to enrich detections Investigate Indicators of Compromise (IOCs) and attacker behaviour Analyse adversary techniques and map activity to the MITRE ATT&CK framework Develop, tune and maintain detection rules for SIEM and EDR platforms Threat Intelligence Management Collect, validate and analyse cyber threat … Hands-on experience with Microsoft Sentinel and Defender XDR Good working knowledge of KQL (Kusto Query Language) Strong understanding of the MITRE ATT&CK framework Experience investigating IOCs and real-world security incidents Excellent written and verbal communication skills Comfortable working in a client-facing ...

technical audiences and continuously improve their content and presentation. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Work as part of a team to ensure that corporate data and technology platform components are safeguarded from … Expertise Essential Skills Proven experience in Security Operations Centre. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Strong knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Strong understanding ...

enrichment logic to enhance detections and investigation efficiency Support purple-team activities, threat modelling, and attack-simulation scenarios aligned to MITRE ATT&CK Provide technical escalation support and mentorship to L1/L2 SOC analysts Perform root-cause analysis, identify systemic issues, and drive continuous … Windows, Azure AD/Entra ID, M365, network security, and cloud workloads Advanced knowledge of attacker TTPs, threat intelligence sources, and MITRE ATT&CK mapping Proven experience leading major incidents in an enterprise SOC environment Strong understanding of SOAR automation and experience building Logic Apps ...

reports for managed clients to both technical and non-technical audiences, Collaborate on improving detection rules and use cases aligned with Mitre Att&ck and threat-informed defense. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from … Farnborough. What youll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Understanding of networking ...

endpoint telemetry, network traffic and logs Supporting live incident response, escalation and containment activities Enhancing detections, rules and playbooks aligned to MITRE ATT&CK Producing clear, high-quality incident reports for both technical and senior stakeholders Contributing to threat intelligence and proactive defence initiatives Staying … Proven experience working in a Security Operations Centre (SOC) Hands-on SIEM experience (Microsoft Sentinel, Splunk, or similar) Strong understanding of MITRE ATT&CK and modern detection techniques Confident analysis across logs, endpoints and network traffic Solid knowledge of core networking protocols (TCP/ ...

develop team knowledge of SOC tools, security operations and triage. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Maintain and update security incident documentation, including incident reports, analysis findings, and recommended mitigation strategies. Represent … management experience to help develop Analysts and lead careers. Demonstrable experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid grasp of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Good understanding ...

playbooks. The role includes mentoring CIRT analysts , enhancing SIEM/SOAR automation, and continuously improving processes using frameworks such as MITRE ATT&CK, NIST 800-61, and PCI DSS. What this job is really about Owning cyber incident response end-to-end: from first alert … cases so you see retail-relevant threats early and clearly.? Being the person who connects the dots between frameworks like MITRE ATT&CK, NIST 800-61, PCI DSS and what actually happens on the ground. Who this will suit You've worked in SOC, Incident ...

environments Security automation and IaC: Python, PowerShell, Terraform, Bicep, or Sentinel analytics rules - you codify controls, you do not document them MITRE ATT&CK coverage mapping; threat hunting, adversary emulation, and proactive gap analysis against realistic TTPs Cloud infrastructure - Azure preferred, AWS considered; IAM, managed … environments Security automation and IaC: Python, PowerShell, Terraform, Bicep, or Sentinel analytics rules - you codify controls, you do not document them MITRE ATT&CK coverage mapping; threat hunting, adversary emulation, and proactive gap analysis against realistic TTPs Cloud infrastructure - Azure preferred, AWS considered; IAM, managed ...

providers to ensure effective delivery of external threat services Evaluating current security controls against known threat actors using frameworks such as MITRE ATT&CK and CIS Controls Supporting threat intelligence-led security testing initiatives, including red and purple teaming exercises Contributing to continuous improvement … deliver measurable outcomes quickly Strong understanding of threat actor behaviours, TTPs, and global threat trends Experience working with frameworks such as MITRE ATT&CK and CIS Ability to analyse large datasets and translate findings into meaningful intelligence outputs Experience producing intelligence reports across tactical, operational ...

providers to ensure effective delivery of external threat services Evaluating current security controls against known threat actors using frameworks such as MITRE ATT&CK and CIS Controls Supporting threat intelligence-led security testing initiatives, including red and purple teaming exercises Contributing to continuous improvement … deliver measurable outcomes quickly Strong understanding of threat actor behaviours, TTPs, and global threat trends Experience working with frameworks such as MITRE ATT&CK and CIS Ability to analyse large datasets and translate findings into meaningful intelligence outputs Experience producing intelligence reports across tactical, operational ...

investigate security incidents on critical infrastructure. Analyse logs, network traffic, and system events to spot threats. Improve detection rules, play with MITRE ATT&CK, and make the SOC smarter. Represent the SOC in meetings and client discussions. You’ve got: Solid SOC experience and people … management chops. Hands-on with Microsoft Sentinel, Splunk, or similar. Strong networking, server, and security fundamentals. Knowledge of MITRE ATT&CK and threat-informed defence. Bonus points: malware analysis, scripting (Python, PowerShell), CREST or SOC certs, QRadar experience. Join a team that’s growing fast ...

Defence policies and standards, such as GovS 007: Security and DEFSTAN norms. Performing threat modelling and assessment utilising STRIDE-LM and MITRE ATT&CK frameworks, integrating results into risk assessment reports. Conducting Business Resilience and Single Point of Failure (SPoF) assessments across the supply chain … experience with UK Defence security frameworks and relevant policies. Experience in conducting threat modelling and assessments using frameworks such as MITRE ATT&CK and STRIDE-LM. Experience in reconciling information security risk against critical asset and service lists. Ability to prioritise and plan complex work ...

Score remediation Vulnerability Management Tools such as Tenable , Pentera , Varonis , Secure Score Experience coordinating remediation with technical teams Frameworks & Security Models MITRE ATT&CK, OWASP Top 10 Exposure to zero-trust principles Understanding of encryption, certificate management, secrets management Scripting & Automation PowerShell (essential) Python ...

Active Directory, Windows/Linux systems, and cloud platforms (Azure, AWS, GCP) Proficiency in scripting (PowerShell, Python) Familiarity with security frameworks (MITRE ATT&CK, NIST, Kill Chain) Experience with EDR, DLP, Proxy, and SEG tools Desirable Qualifications Certifications: AZ-500, SC-200, SC-900, CompTIA ...

perimeter controls and operating systems Understanding of cloud security controls and container security Experience with EDR tooling and familiarity with the MITRE ATT&CK framework Experience with scripting or basic coding for automation Experience conducting investigations including eDiscovery Industry recognised security certifications such as CISSP ...

ensure all appropriate actions are being taken and communicated. Conduct advanced threat hunting by using threat intelligence and the MITRE ATT&CK framework to proactively identify suspicious activity in the environment. Ensure data accuracy within the case management system and others. When not actively responding ...

Understanding of frameworks such as National Institute of Standards and Technology guidance, International Organization for Standardization ISO 27001, and the MITRE ATT&CK framework ...

Understanding of frameworks such as National Institute of Standards and Technology guidance, International Organization for Standardization ISO 27001, and the MITRE ATT&CK framework ...

identity tools. Knowledge of DNS, DMARC/DKIM/SPF, networking fundamentals and TCP/IP. Familiarity with frameworks such as MITRE ATT&CK, ISO27001, CIS benchmarks, NIST, Cyber Essentials. Ability to explain technical concepts to non-technical audiences. Strong documentation, analysis and problem-solving ...

Good working knowledge of DNS, web proxy, email security (DMARC, DKIM, SPF) Understanding of vulnerability and risk assessment methodologies Familiarity with MITRE ATT&CK framework and modern threat landscapes Strong communication skills with the ability to explain technical concepts to non-technical audiences Experience working ...

correlations • Leading post-incident reviews and reporting • Engaging in vulnerability lifecycle management and remediation guidance • Contributing to continuous improvement, automation and MITRE ATT&CK maturity What We Are Looking For: • 1–5 years’ SOC or operational cyber experience • Strong hands-on experience with SIEM tools ...

Query Language (KQL) queries to analyse and visualise raw security data. Integrate third-party tools (firewalls, IAM, telemetry) into Sentinel. Use MITRE ATT&CK to anticipate and counter adversarial activity. Apply cost-optimisation principles (data tiering, filtering). Collaborate with security architects to improve internal ...

Query Language (KQL) queries to analyse and visualise raw security data. Integrate third-party tools (firewalls, IAM, telemetry) into Sentinel. Use MITRE ATT&CK to anticipate and counter adversarial activity. Apply cost-optimisation principles (data tiering, filtering). Collaborate with security architects to improve internal ...

Cyber team. Develop experience across real security operations, clients, environments and SIEM technologies. Gain exposure to industry frameworks such as MITRE ATT&CK and NIST. Build foundational knowledge across: Threat detection & incident response SOC processes and tooling Log analysis Microsoft security technologies (including Sentinel, Defender ...

Strong experience with Splunk, Splunk Enterprise Security, Splunk SOAR, and Splunk UBA. · Solid understanding of security incident response and security frameworks (MITRE ATT&CK, NIST) · Experience with scripting/programming (Python, Java, Perl, etc.) and big data analytics. · Familiarity with Windows, Linux/UNIX systems ...