26 to 50 of 59 MITRE ATT&CK Jobs in the UK

Strong hands-on experience in threat investigation, log analysis, and remediation . Good understanding of common security frameworks and practices (e.g., MITRE ATT&CK, NIST, ISO 27001). Familiarity with a range of security tools and platforms – experience with Microsoft Sentinel is desirable

Cases & Threat Detection Build and maintain SIEM use cases, alerts, and dashboards for threat detection. Map detection rules to frameworks like MITRE ATT&CK, STRIDE, and NIST CSF. Collaborate with SOC teams to refine incident response workflows. Governance & Compliance Align SIEM architecture with Secure

digital forensics and the ability to document sensitive investigations accurately. Understanding of cloud security principles, PCI DSS/ISO 27001, MITRE ATT&CK, OWASP and vulnerability management frameworks. Ability to automate tasks or scripting experience to enhance SOC efficiency. Experience working with and explaining security

offensive security. Strong hands-on experience with tools like Burp, Nmap, Metasploit, Cobalt Strike, Nessus, etc. Deep knowledge of OWASP, MITRE ATT&CK, and modern attack techniques. Scripting experience (Python, PowerShell, etc.). Industry certifications such as OSCP, OSCE, CREST CRT/CCT, GPEN. Bonus

offensive security. Strong hands-on experience with tools like Burp, Nmap, Metasploit, Cobalt Strike, Nessus, etc. Deep knowledge of OWASP, MITRE ATT&CK, and modern attack techniques. Scripting experience (Python, PowerShell, etc.). Industry certifications such as OSCP, OSCE, CREST CRT/CCT, GPEN. Bonus

metrics analysis. Experience with the application of some of the following frameworks - SANS, NIST 800-61, CVSS, CIS, OSSTM, ISO 27001, MITRE ATT&CK, PCI, HIPAA, GDPR or similar. Experience with cloud security practices Experience with business and technical requirements analysis, business process modeling/

Infoblox) and their role in threat containment Deep knowledge of Zero Trust Architecture, lateral movement prevention, and alignment to frameworks like MITRE ATT&CK and NIST CSF Excellent communication skills with the ability to influence technical and business stakeholders across all levels of an organization

including access controls, authentication, and encryption using Elastic Security features.- Ability to create, test, and optimise detection rules based on the MITRE ATT&CK Framework.- Experience in performance tuning with Elasticsearch and Logstash, including monitoring Logstash pipelines.- Proficiency in using Kibana for data visualisation

telemetry. 2+ years' experience specifically in a Threat Intelligence function. Familiarity with threat actor tracking, vulnerability databases, and frameworks such as MITRE ATT&CK . Strong data analysis skills, ideally using the ELK stack (OpenSearch, Logstash, Kibana) . Intermediate proficiency in Python , capable of automating

across both offensive and defensive cyber security disciplines. Deep understanding of attacker tactics, techniques, and procedures (TTPs), with expertise in the MITRE ATT&CK Framework. Hands-on technical knowledge in cyber detection engineering, security tools, and infrastructure. Skilled in Detection-as-Code and experienced with

/OT interfaces Nice to have: GICSP, OSCP/GPEN/CREST CRT, DFIR exposure, offensive tools experience (Nessus, Metasploit, MITRE ATT&CK for ICS), and physical security assessments aligned with NIS/NPSA Why this role? 80% remote, 20% on client sites across

infrastructures. Strong background in operational security (e.g., Threat Hunting, Red Team, or Intelligence). Familiarity with threat modelling frameworks (STRIDE, PASTA, MITRE ATT&CK, etc.). Knowledge of secure design principles and architecture reviews. Exposure to telecoms environments is highly desirable. Ability to work independently

with a focus on Elastic Security . Detection & Compliance Expert: Proven ability to engineer high-fidelity detection rules based on the MITRE ATT&CK Framework , alongside implementing essential security controls like RBAC, encryption , and data governance to ensure regulatory compliance. Performance & Tuning Specialist: Deep technical

with a focus on Elastic Security . Detection & Compliance Expert: Proven ability to engineer high-fidelity detection rules based on the MITRE ATT&CK Framework , alongside implementing essential security controls like RBAC, encryption , and data governance to ensure regulatory compliance. Performance & Tuning Specialist: Deep technical

with a focus on Elastic Security . Detection & Compliance Expert: Proven ability to engineer high-fidelity detection rules based on the MITRE ATT&CK Framework , alongside implementing essential security controls like RBAC, encryption , and data governance to ensure regulatory compliance. Performance & Tuning Specialist: Deep technical

ideally with exposure to telecoms environments. Background in operational security (Intelligence, Threat Hunting or Red Team) Familiarity with threat modelling frameworks, (MITRE ATT&CK, STRIDE, PASTA etc) Ability to drive work to tight timescales and deadlines. Ability to work independently and manage priorities

ideally with exposure to telecoms environments. Background in operational security (Intelligence, Threat Hunting or Red Team) Familiarity with threat modelling frameworks, (MITRE ATT&CK, STRIDE, PASTA etc) Ability to drive work to tight timescales and deadlines. Ability to work independently and manage priorities

ideally with exposure to telecoms environments. * Background in operational security (Intelligence, Threat Hunting or Red Team) * Familiarity with threat modelling frameworks, (MITRE ATT&CK, STRIDE, PASTA etc) * Ability to drive work to tight timescales and deadlines. * Ability to work independently and manage priorities

ideally with exposure to telecoms environments. * Background in operational security (Intelligence, Threat Hunting or Red Team) * Familiarity with threat modelling frameworks, (MITRE ATT&CK, STRIDE, PASTA etc) * Ability to drive work to tight timescales and deadlines. * Ability to work independently and manage priorities

telecoms environments. Experience in operational security (Intelligence, Threat Hunting, or Red Team). Familiarity with threat modelling frameworks such as MITRE ATT&CK, STRIDE, or PASTA. Ability to drive work to tight timescales and meet deadlines. Demonstrated ability to work independently and manage priorities

languages (Python, Bash, PowerShell). Experience with cloud security monitoring (AWS, Azure, GCP). Knowledge of frameworks such as NIST and MITRE ATT&CK. Qualifications Bachelor’s degree in Cyber Security, IT, or related field. 3–5 years in SOC operations, incident response, or threat intelligence. Practical

email filtering, behavioural analytics, TCP/IP and OT protocols, and security applications. Understanding of adversarial TTPs and frameworks such as MITRE ATT&CK. Experience with SIEM and SOAR solutions, IAM, and DLP tools (e.g. FortiSIEM, Q-Radar, Microsoft Secure Gateway, Darktrace, Microsoft Defender, Sentinel). Experience

endpoint, identity, and cloud environments. Act as the final technical escalation point within the SOC. Conduct proactive threat hunts aligned to MITRE ATT&CK. Build custom detections (LogScale queries, correlation rules, Custom IOA). Perform forensic acquisition, malware analysis, and investigation reporting. Enhance SOC tooling, workflows, automations

emerging AI technologies. Information Cyber Security Manager - Key Responsibilities Implement and enhance cybersecurity controls aligned with frameworks like NIST and MITRE ATT&CK. Drive improvements across identity access management, device management, and cloud security (AWS, Microsoft). Innovate detection and response infrastructure, automate manual processes, and tune

emerging AI technologies. Information Cyber Security Manager - Key Responsibilities Implement and enhance cybersecurity controls aligned with frameworks like NIST and MITRE ATT&CK. Drive improvements across identity access management, device management, and cloud security (AWS, Microsoft). Innovate detection and response infrastructure, automate manual processes, and tune