Intelligence, or SOC environments. Hands-on experience with Azure Security Center, Microsoft Sentinel, Defender ATP, M365 Security & Compliance, and KQL scripting. Knowledge of frameworks such as MITRE ATT&CK, NIST, CIS, NCSC, and Security Scorecard. Understanding of network security systems (Zscaler, Darktrace, Firewalls, NAC, VPN, wireless, segmentation). Strong grasp of cloud computing (IaaS/
enhance security detection content primarily for the Splunk SIEM, to enable the detection of threats across diverse platforms (e.g. cloud, endpoints, and networks) · Use frameworks like MITRE ATT&CK to map detection rules and maximise threat coverage · Use analytical platforms to query high volume datasets to identify trends and spot unusual behaviours, indicative of malicious
Excellent communication skills and the ability to work effectively within a collaborative SOC team Desirable Skills Experience with incident documentation and reporting Familiarity with security frameworks (MITRE ATT&CK, NIST, ISO 27001) Ability to adapt quickly to new tools, threats, and operational priorities Any relevant certifications (e.g., Security+, CySA+, Microsoft SC-series, GIAC
skills and experiences: Experience of working within Security Operations or equivalent roles Demonstrable leadership in Operational Management Experience in the application of relevant industry standard frameworks (MITRE ATT&CK/D3FEND/ENGAGE etc.) in an operational environment A good level of knowledge and proficiency in the use of SIEM platforms, tools and analytical techniques.
London, South East, England, United Kingdom Hybrid/Remote Options
VIQU IT Recruitment
2nd line or similar). Strong hands-on experience in threat investigation, log analysis, and remediation. Good understanding of common security frameworks and practices (e.g., MITRE ATT&CK, NIST, ISO 27001). Familiarity with a range of security tools and platforms – experience with Microsoft Sentinel is desirable but not essential. Excellent communication skills – able
Warwick, Warwickshire, West Midlands, United Kingdom Hybrid/Remote Options
Sanderson Government and Defence
OpenTelemetry, and scripting. Security Use Cases & Threat Detection Build and maintain SIEM use cases, alerts, and dashboards for threat detection. Map detection rules to frameworks like MITRE ATT&CK, STRIDE, and NIST CSF. Collaborate with SOC teams to refine incident response workflows. Governance & Compliance Align SIEM architecture with Secure by Design and Zero Trust principles.
Staffordshire, West Midlands, United Kingdom Hybrid/Remote Options
Russell Taylor Group Ltd
and executing security assessments and incident response exercises in OT/ICS environments Developing and implementing attack scenarios and detection use cases using frameworks such as MITRE ATT&CK for ICS Performing vulnerability assessments, threat modelling and attack path analysis to identify and address security weaknesses Supporting risk assessments and compliance against standards such as
5+ years in penetration testing or offensive security. Strong hands-on experience with tools like Burp, Nmap, Metasploit, Cobalt Strike, Nessus, etc. Deep knowledge of OWASP, MITRE ATT&CK, and modern attack techniques. Scripting experience (Python, PowerShell, etc.). Industry certifications such as OSCP, OSCE, CREST CRT/CCT, GPEN. Bonus Points For: Cloud & container
essential, alongside a strong grasp of endpoint security, networking protocols, and cloud technologies Scripting or programming experience for security tooling and SOAR platforms, familiarity with the MITRE ATT&CK framework, and an understanding of Microsoft Windows Active Directory environments.
Nottingham, Nottinghamshire, United Kingdom Hybrid/Remote Options
Capital One UK
in some of the following areas: Practical hands-on experience in security architecture and consultancy Experience in a financial or highly regulated environment Threat Modeling using MITRE ATT&CK/STRIDE Cloud Security - IaaS (AWS), PaaS (Salesforce) & SaaS Experience implementing security solutions surrounding cloud transformation, data management, data storage Experience with Application Security (OWASP Top
Mayfield, Derbyshire, United Kingdom Hybrid/Remote Options
Capital One UK
in some of the following areas: Practical hands-on experience in security architecture and consultancy Experience in a financial or highly regulated environment Threat Modeling using MITRE ATT&CK/STRIDE Cloud Security - IaaS (AWS), PaaS (Salesforce) & SaaS Experience implementing security solutions surrounding cloud transformation, data management, data storage Experience with Application Security (OWASP Top
platform logs (Linux, Windows, SaaS, databases, appliances) for detection logic. Ability to create dashboards, workbooks, and visualisation artefacts to support monitoring. Strong knowledge of attacker techniques (MITRE ATT&CK), logging schemas, and telemetry sources. Relevant Technologies Across Roles Expertise in the following technologies is essential: Operating Systems Red Hat Enterprise Linux (RHEL) IBM AIX Windows
strategies (e.g., Zscaler, Cisco Umbrella, Infoblox) and their role in threat containment Deep knowledge of Zero Trust Architecture, lateral movement prevention, and alignment to frameworks like MITRE ATT&CK and NIST CSF Excellent communication skills with the ability to influence technical and business stakeholders across all levels of an organization Experience supporting RFP/RFI
Milton Keynes, Buckinghamshire, South East, United Kingdom Hybrid/Remote Options
Circle Group
high-volume, real-world attack telemetry. 2+ years' experience specifically in a Threat Intelligence function. Familiarity with threat actor tracking, vulnerability databases, and frameworks such as MITRE ATT&CK. Strong data analysis skills, ideally using the ELK stack (OpenSearch, Logstash, Kibana). Intermediate proficiency in Python, capable of automating workflows and developing custom analysis
Birmingham, West Midlands, England, United Kingdom Hybrid/Remote Options
Adecco
- Knowledge of security compliance, including access controls, authentication, and encryption using Elastic Security features. - Ability to create, test, and optimise detection rules based on the MITRE ATT&CK Framework. - Experience in performance tuning with Elasticsearch and Logstash, including monitoring Logstash pipelines. - Proficiency in using Kibana for data visualisation and monitoring. Advantageous: - Familiarity with offensive
environments (SCADA, PLCs, RTUs) and IT/OT interfaces Nice to have: GICSP, OSCP/GPEN/CREST CRT, DFIR exposure, offensive tools experience (Nessus, Metasploit, MITRE ATT&CK for ICS), and physical security assessments aligned with NIS/NPSA Why this role? 80% remote, 20% on client sites across the UK Work with a
Birmingham, West Midlands, United Kingdom Hybrid/Remote Options
Randstad Digital
experience in threat modelling complex infrastructures. Strong background in operational security (e.g., Threat Hunting, Red Team, or Intelligence). Familiarity with threat modelling frameworks (STRIDE, PASTA, MITRE ATT&CK, etc.). Knowledge of secure design principles and architecture reviews. Exposure to telecoms environments is highly desirable. Ability to work independently and meet tight deadlines. If
of the Elastic Stack (ELK), with a focus on Elastic Security. Detection & Compliance Expert: Proven ability to engineer high-fidelity detection rules based on the MITRE ATT&CK Framework, alongside implementing essential security controls like RBAC, encryption, and data governance to ensure regulatory compliance. Performance & Tuning Specialist: Deep technical skill in fine-tuning Elasticsearch
Birmingham, West Midlands, United Kingdom Hybrid/Remote Options
Randstad Digital
of the Elastic Stack (ELK), with a focus on Elastic Security. Detection & Compliance Expert: Proven ability to engineer high-fidelity detection rules based on the MITRE ATT&CK Framework, alongside implementing essential security controls like RBAC, encryption, and data governance to ensure regulatory compliance. Performance & Tuning Specialist: Deep technical skill in fine-tuning Elasticsearch
Manchester, Lancashire, England, United Kingdom Hybrid/Remote Options
Randstad Technologies
of the Elastic Stack (ELK), with a focus on Elastic Security. Detection & Compliance Expert: Proven ability to engineer high-fidelity detection rules based on the MITRE ATT&CK Framework, alongside implementing essential security controls like RBAC, encryption, and data governance to ensure regulatory compliance. Performance & Tuning Specialist: Deep technical skill in fine-tuning Elasticsearch
reviews. Strong background in cybersecurity, ideally with exposure to telecoms environments. Background in operational security (Intelligence, Threat Hunting or Red Team) Familiarity with threat modelling frameworks (MITRE ATT&CK, STRIDE, PASTA etc) Ability to drive work to tight timescales and deadlines. Ability to work independently and manage priorities in a dynamic environment. All profiles will
reviews. * Strong background in cybersecurity, ideally with exposure to telecoms environments. * Background in operational security (Intelligence, Threat Hunting or Red Team) * Familiarity with threat modelling frameworks (MITRE ATT&CK, STRIDE, PASTA etc) * Ability to drive work to tight timescales and deadlines. * Ability to work independently and manage priorities in a dynamic environment. What you need
Employment Type: Permanent
Salary: Up to £600.0 per day + £600 p/d Inside IR35
Birmingham, West Midlands, West Midlands (County), United Kingdom
Hays Technology
reviews. * Strong background in cybersecurity, ideally with exposure to telecoms environments. * Background in operational security (Intelligence, Threat Hunting or Red Team) * Familiarity with threat modelling frameworks (MITRE ATT&CK, STRIDE, PASTA etc) * Ability to drive work to tight timescales and deadlines. * Ability to work independently and manage priorities in a dynamic environment. What you need