Portsmouth, Hampshire, England, United Kingdom Hybrid/Remote Options
Franklin Fitch
etc.). Understanding of Azure/AWS cloud and network fundamentals. Desirable: Experience with SOAR tools or Infrastructure-as-Code (Terraform, Bicep, ARM). Knowledge of MITRE ATT&CK mapping or threat detection frameworks. What’s in it for you: Flexible hybrid working, paid certifications, great progression into consultancy or leadership, and a genuinely collaborative…
detection, prevention, and response methodologies Hands-on experience with EDR, email security, and web security solutions Knowledge of security frameworks such as NIST, ISO 27001, and MITRE ATT&CK Relevant Microsoft certifications such as SC-200 and AZ-500 are highly desirable Familiarity with web security tooling such as web proxies, DNS filtering, and Cisco…
Intelligence, or SOC environments. Hands-on experience with Azure Security Center, Microsoft Sentinel, Defender ATP, M365 Security & Compliance, and KQL scripting. Knowledge of frameworks such as MITRE ATT&CK, NIST, CIS, NCSC, and Security Scorecard. Understanding of network security systems (Zscaler, Darktrace, Firewalls, NAC, VPN, wireless, segmentation). Strong grasp of cloud computing (IaaS/…
Oxford, Oxfordshire, United Kingdom Hybrid/Remote Options
Oxford University Press
MS Security Operations Analyst or AZ-500 Azure Security Engineer Associate Knowledge of cloud security principles and technologies Strong understanding of security frameworks (NIST, ISO 27001, MITRE ATT&CK) Knowledge of web security tooling such as web proxy, DNS filtering and similar (e.g. Cisco Umbrella) Previous experience as a Security Analyst or in a SOC…
Excellent communication skills and the ability to work effectively within a collaborative SOC team Desirable Skills Experience with incident documentation and reporting Familiarity with security frameworks (MITRE ATT&CK, NIST, ISO 27001) Ability to adapt quickly to new tools, threats, and operational priorities Any relevant certifications (e.g., Security+, CySA+, Microsoft SC-series, GIAC…
Staffordshire, West Midlands, United Kingdom Hybrid/Remote Options
Russell Taylor Group Ltd
and executing security assessments and incident response exercises in OT/ICS environments Developing and implementing attack scenarios and detection use cases using frameworks such as MITRE ATT&CK for ICS Performing vulnerability assessments, threat modelling and attack path analysis to identify and address security weaknesses Supporting risk assessments and compliance against standards such as…
London, South East, England, United Kingdom Hybrid/Remote Options
VIQU IT Recruitment
2nd line or similar). Strong hands-on experience in threat investigation, log analysis, and remediation. Good understanding of common security frameworks and practices (e.g., MITRE ATT&CK, NIST, ISO 27001). Familiarity with a range of security tools and platforms – experience with Microsoft Sentinel is desirable but not essential. Excellent communication skills – able…
Warwick, Warwickshire, West Midlands, United Kingdom Hybrid/Remote Options
Sanderson Government and Defence
OpenTelemetry, and scripting. Security Use Cases & Threat Detection Build and maintain SIEM use cases, alerts, and dashboards for threat detection. Map detection rules to frameworks like MITRE ATT&CK, STRIDE, and NIST CSF. Collaborate with SOC teams to refine incident response workflows. Governance & Compliance Align SIEM architecture with Secure by Design and Zero Trust principles…
/Kibana or other visualization tools for data visualization, analysis, and monitoring. Alternatively, experience in a threat intelligence platform (TIP) may suffice. Knowledge and application of MITRE ATT&CK and similar frameworks to intelligence products for member reporting. EDUCATION AND EXPERIENCE Bachelor's degree or equivalent practical experience. 7 years of relevant analytical experience is…
5+ years in penetration testing or offensive security. Strong hands-on experience with tools like Burp, Nmap, Metasploit, Cobalt Strike, Nessus, etc. Deep knowledge of OWASP, MITRE ATT&CK, and modern attack techniques. Scripting experience (Python, PowerShell, etc.). Industry certifications such as OSCP, OSCE, CREST CRT/CCT, GPEN. Bonus Points For: Cloud & container…
experience handling major cyber incidents across diverse environments and technologies. • In-depth understanding of cyber threat actor tactics, techniques, and procedures (TTPs) and frameworks such as MITRE ATT&CK, NIST, and Cyber Kill Chain. • Strong experience in cloud and hybrid environments (M365, Azure, AWS, Google Cloud). • Demonstrated ability to communicate highly technical information to…
Familiarity with campaign tracking techniques and converting the tracking results to long term countermeasures Familiarity with threat modeling framework, such as Diamond Model or/and MITRE ATT&CK framework Experience with intelligence-driven hunting to spot suspicious activities in the network and identify potential risks Proven track record of managing and executing on short…
Stone, England, United Kingdom Hybrid/Remote Options
Capula
You’ll Do: Lead red team activities: penetration testing, threat emulation, resilience validation Support blue team functions: architecture, compliance, monitoring, incident response Develop attack scenarios using MITRE ATT&CK for ICS Conduct risk assessments and support standards like IEC 62443 & NIST SP800-82 Collaborate with stakeholders and contribute to training, reporting, and continuous improvement ✅ What…
strategies (e.g., Zscaler, Cisco Umbrella, Infoblox) and their role in threat containment Deep knowledge of Zero Trust Architecture, lateral movement prevention, and alignment to frameworks like MITRE ATT&CK and NIST CSF Excellent communication skills with the ability to influence technical and business stakeholders across all levels of an organization Experience supporting RFP/RFI…
Birmingham, West Midlands, England, United Kingdom Hybrid/Remote Options
Adecco
- Knowledge of security compliance, including access controls, authentication, and encryption using Elastic Security features. - Ability to create, test, and optimise detection rules based on the MITRE ATT&CK Framework. - Experience in performance tuning with Elasticsearch and Logstash, including monitoring Logstash pipelines. - Proficiency in using Kibana for data visualisation and monitoring. Advantageous: - Familiarity with offensive…
Milton Keynes, Buckinghamshire, South East, United Kingdom Hybrid/Remote Options
Circle Group
high-volume, real-world attack telemetry. 2+ years' experience specifically in a Threat Intelligence function. Familiarity with threat actor tracking, vulnerability databases, and frameworks such as MITRE ATT&CK. Strong data analysis skills, ideally using the ELK stack (OpenSearch, Logstash, Kibana). Intermediate proficiency in Python, capable of automating workflows and developing custom analysis…
platform logs (Linux, Windows, SaaS, databases, appliances) for detection logic. Ability to create dashboards, workbooks, and visualisation artefacts to support monitoring. Strong knowledge of attacker techniques (MITRE ATT&CK), logging schemas, and telemetry sources. Relevant Technologies Across Roles Expertise in the following technologies is essential: Operating Systems Red Hat Enterprise Linux (RHEL) IBM AIX Windows…
environments (SCADA, PLCs, RTUs) and IT/OT interfaces Nice to have: GICSP, OSCP/GPEN/CREST CRT, DFIR exposure, offensive tools experience (Nessus, Metasploit, MITRE ATT&CK for ICS), and physical security assessments aligned with NIS/NPSA Why this role? 80% remote, 20% on client sites across the UK Work with a…
Birmingham, West Midlands, United Kingdom Hybrid/Remote Options
Randstad Digital
experience in threat modelling complex infrastructures. Strong background in operational security (e.g., Threat Hunting, Red Team, or Intelligence). Familiarity with threat modelling frameworks (STRIDE, PASTA, MITRE ATT&CK, etc.). Knowledge of secure design principles and architecture reviews. Exposure to telecoms environments is highly desirable. Ability to work independently and meet tight deadlines. If…
of the Elastic Stack (ELK), with a focus on Elastic Security. Detection & Compliance Expert: Proven ability to engineer high-fidelity detection rules based on the MITRE ATT&CK Framework, alongside implementing essential security controls like RBAC, encryption, and data governance to ensure regulatory compliance. Performance & Tuning Specialist: Deep technical skill in fine-tuning Elasticsearch…
Birmingham, West Midlands, United Kingdom Hybrid/Remote Options
Randstad Digital
of the Elastic Stack (ELK), with a focus on Elastic Security. Detection & Compliance Expert: Proven ability to engineer high-fidelity detection rules based on the MITRE ATT&CK Framework, alongside implementing essential security controls like RBAC, encryption, and data governance to ensure regulatory compliance. Performance & Tuning Specialist: Deep technical skill in fine-tuning Elasticsearch…
Manchester, Lancashire, England, United Kingdom Hybrid/Remote Options
Randstad Technologies
of the Elastic Stack (ELK), with a focus on Elastic Security. Detection & Compliance Expert: Proven ability to engineer high-fidelity detection rules based on the MITRE ATT&CK Framework, alongside implementing essential security controls like RBAC, encryption, and data governance to ensure regulatory compliance. Performance & Tuning Specialist: Deep technical skill in fine-tuning Elasticsearch…
reviews. Strong background in cybersecurity, ideally with exposure to telecoms environments. Background in operational security (Intelligence, Threat Hunting or Red Team) Familiarity with threat modelling frameworks (MITRE ATT&CK, STRIDE, PASTA, etc.) Ability to drive work to tight timescales and deadlines. Ability to work independently and manage priorities in a dynamic environment. All profiles will…