MITRE ATT&CK Jobs in the UK

26 to 50 of 177 MITRE ATT&CK Jobs in the UK

Threat Intelligence Analyst

City of London, London, United Kingdom
Hybrid / WFH Options
Vanquish Technologies Limited
data enrichment tools. Experience using Breach and Attack Simulation (BAS) platforms to build and validate threat scenarios. Strong understanding of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and threat modeling. Hands-on experience with penetration testing tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera. Experience producing threat reports and … activities by providing contextual intelligence and working alongside hunt team members. Conduct threat modeling of threat actors, including their capabilities, motivations, and potential impact. Leverage the MITRE ATT&CK framework to map threat actor behaviors and support detection engineering. Develop and maintain threat profiles, attack surface assessments, and adversary emulation plans. Collaborate with global stakeholders
Employment Type: Contract, Work From Home
Rate: £500 per day

Security Advisor II, Falcon Complete

united kingdom, united kingdom
CrowdStrike
security advisor or consultant. Knowledge of the following frameworks: ISO 27001/2, NIST Cyber Security Framework, CIS Critical Security, PCI DSS, Cloud Controls Matrix and MITRE ATT&CK a plus. *Benefits Of Working At CrowdStrike:* Remote-friendly and flexible work culture. Market leader in compensation and equity awards. Comprehensive physical and mental wellness programs …

Google SecOps Engineer (SOAR/UEBA) - Outside IR35

South East London, London, United Kingdom
SF Recruitment (Tech)
of updating and managing reference data - Conduct current state assessment of detection engineering capabilities and log source coverage - Design and implement detection use cases aligned to MITRE ATT&CK framework - Enable SOAR integration by identifying high-fidelity detections and mapping Key Technical/IT Security Skills; - Chronicle SIEM - Google SecOps - UEBA Tooling - Windows Event Logs … BindPlane - MITRE ATT&CK - Strong SOC background - SOAR playbooks - GCP Finer Details; - Outside IR35 - Contract until End of December, possibly longer - Hybrid, 4 times a month in the London office. Please apply for consideration.
Employment Type: Contract
Rate: £500 - 700 per day

Threat Intelligence Specialist

London, South East, England, United Kingdom
QBE Management Services (UK) Limited
has a strong technical focus, centred on the collection, enrichment, automation, and analysis of adversary tactics, techniques, and procedures (TTPs) across the Unified Kill Chain and MITRE ATT&CK frameworks. You’ll also support strategic intelligence functions, acting as a backup point of contact when needed to ensure continuity of intelligence delivery across our global … content and operational playbooks would be a bonus. Skills You’ll Need: Advanced understanding of attacker tools, techniques, and procedures. Knowledge of security frameworks: OWASP, NIST, MITRE ATT&CK, Unified Kill Chain. Proficient in risk analysis and information systems best practices. Expertise in intelligence gathering and analysis tools, including OSINT. Strong knowledge of malware analysis
Employment Type: Full-Time
Salary: Competitive salary

Security Orchestration, Automation & Response (SOAR) Engineer

United Kingdom
Hybrid / WFH Options
REST APIs. Optimise existing playbooks for scalability, performance, and reliability. Work with Python and other scripting tools to drive automation efficiency. Leverage frameworks such as MITRE ATT&CK to enhance detection and response capabilities. What We Are Looking For: Strong hands-on experience with SOAR platforms (ideally Palo Alto Cortex XSOAR). Solid development … experience in Python. Good understanding of REST APIs and their integration into automation workflows. Familiarity with MITRE ATT&CK framework or similar. Background with Linux/Windows environments and experience working with public cloud (AWS/Azure/GCP). Details: Contract: Initial term (awaiting duration confirmation). Rate: TBC (competitive daily rate). Location: Hybrid

Senior Detection Analyst / Threat Hunter

South East, United Kingdom
RiverSafe
threat intelligence and gap analysis • Analyse endpoint, identity, network and cloud telemetry to uncover detection opportunities and investigative leads • Model attack behaviours using frameworks such as MITRE ATT&CK and propose corresponding detection logic • Support the full detection engineering lifecycle from opportunity identification and modelling through to deployment and tuning • Collaborate with detection engineers to … translate investigative insights into operational detections Skills • Strong analytical and investigative mindset with demonstrable curiosity and attention to detail • Familiarity with common attacker techniques and MITRE ATT&CK mapping • Hands-on experience analysing logs from Defender for Identity, DNS, Windows event logs and endpoint telemetry • Comfortable navigating enterprise-scale environments and understanding host, user and
Employment Type: Permanent
Salary: GBP Annual

Senior Detection Analyst / Threat Hunter

London Area, United Kingdom
RiverSafe
threat intelligence and gap analysis • Analyse endpoint, identity, network and cloud telemetry to uncover detection opportunities and investigative leads • Model attack behaviours using frameworks such as MITRE ATT&CK and propose corresponding detection logic • Support the full detection engineering lifecycle from opportunity identification and modelling through to deployment and tuning • Collaborate with detection engineers to … translate investigative insights into operational detections Skills • Strong analytical and investigative mindset with demonstrable curiosity and attention to detail • Familiarity with common attacker techniques and MITRE ATT&CK mapping • Hands-on experience analysing logs from Defender for Identity, DNS, Windows event logs and endpoint telemetry • Comfortable navigating enterprise-scale environments and understanding host, user and

Senior Detection Analyst / Threat Hunter

City of London, London, United Kingdom
RiverSafe
threat intelligence and gap analysis • Analyse endpoint, identity, network and cloud telemetry to uncover detection opportunities and investigative leads • Model attack behaviours using frameworks such as MITRE ATT&CK and propose corresponding detection logic • Support the full detection engineering lifecycle from opportunity identification and modelling through to deployment and tuning • Collaborate with detection engineers to … translate investigative insights into operational detections Skills • Strong analytical and investigative mindset with demonstrable curiosity and attention to detail • Familiarity with common attacker techniques and MITRE ATT&CK mapping • Hands-on experience analysing logs from Defender for Identity, DNS, Windows event logs and endpoint telemetry • Comfortable navigating enterprise-scale environments and understanding host, user and

Security Architect

United Kingdom, UK
Hybrid / WFH Options
Focus on SAP
architecture for service mesh deployments across Kubernetes and containerised platforms. Conduct risk assessments and develop mitigation strategies for identified vulnerabilities. Create detailed threat models aligned to MITRE ATT&CK and STRIDE frameworks. Design and review secure API gateway patterns using IBM DataPower. Lead implementation of Zero-Trust, mTLS, RBAC and policy enforcement within service mesh … designing secure architectures for hybrid/multi-cloud environments. Strong background in Zero-Trust, microservices security, and containerised platforms. Experienced in building bespoke threat models using MITRE ATT&CK & STRIDE. Ability to assess security elements of solution designs, constructively challenge, and drive secure outcomes. If you are interested or would like to know more
Employment Type: Part-time

Security Architect

United Kingdom
Hybrid / WFH Options
Focus on SAP
architecture for service mesh deployments across Kubernetes and containerised platforms. Conduct risk assessments and develop mitigation strategies for identified vulnerabilities. Create detailed threat models aligned to MITRE ATT&CK and STRIDE frameworks. Design and review secure API gateway patterns using IBM DataPower. Lead implementation of Zero-Trust, mTLS, RBAC and policy enforcement within service mesh … designing secure architectures for hybrid/multi-cloud environments. Strong background in Zero-Trust, microservices security, and containerised platforms. Experienced in building bespoke threat models using MITRE ATT&CK & STRIDE. Ability to assess security elements of solution designs, constructively challenge, and drive secure outcomes. If you are interested or would like to know more
Employment Type: Permanent
Salary: GBP Annual

Security Architect

Wiltshire, England, United Kingdom
Hybrid / WFH Options
Focus on SAP
architecture for service mesh deployments across Kubernetes and containerised platforms. Conduct risk assessments and develop mitigation strategies for identified vulnerabilities. Create detailed threat models aligned to MITRE ATT&CK and STRIDE frameworks. Design and review secure API gateway patterns using IBM DataPower. Lead implementation of Zero-Trust, mTLS, RBAC and policy enforcement within service mesh … designing secure architectures for hybrid/multi-cloud environments. Strong background in Zero-Trust, microservices security, and containerised platforms. Experienced in building bespoke threat models using MITRE ATT&CK & STRIDE. Ability to assess security elements of solution designs, constructively challenge, and drive secure outcomes. If you are interested or would like to know more

SOC Operations Manager

Hemel Hempstead, Hertfordshire, England, United Kingdom
Sopra Steria
key role in safeguarding our organisation’s digital environment. Communication with key business partners is key regarding risks, threats and SOC performance. Familiarity with NIST Cybersecurity, MITRE ATT&CK, Splunk, Sentinel and ISO27001 is vital. What you will be doing: Lead, mentor, and develop SOC analysts and incident responders. Provide technical direction, conduct performance reviews … effective shift models. Confident communicator with the ability to translate complex technical risks into clear business impacts for senior stakeholders. Familiarity with NIST Cybersecurity Framework and MITRE ATT&CK. Understanding of ISO 27001 standards and compliance best practices. Working knowledge of the CREST SOC Maturity Model. Experience applying ITIL processes across incident, problem, and change management. It
Employment Type: Full-Time
Salary: £80,000 - £90,000 per annum

Security Operations Center Analyst

United Kingdom
Areti Group | B Corp™
provides round-the-clock monitoring and response for critical customer environments. Key Responsibilities: Build & Enhance: Tune and optimise security monitoring tools and SIEM rulesets aligned to MITRE ATT&CK. Maintain and improve internal SOC processes and playbooks. Assist in testing and validating new detection logic and use cases. Investigate & Respond: Monitor and triage alerts across a range … Google Chronicle, or similar. Working knowledge of EDR/XDR tools such as CrowdStrike, SentinelOne, Palo Alto Cortex, or Microsoft Defender. Understanding of incident response frameworks (MITRE ATT&CK preferred). Experience with vulnerability management platforms such as Rapid7 or Tenable. Exposure to Cyber Threat Intelligence and its application within SOC workflows. Experience with ticketing

Digital Forensics & Incident Response Consultant

London, United Kingdom
Forward Role
executive audiences. Work closely with clients to define forensic requirements and develop incident response playbooks. Conduct threat hunting and compromise assessments, correlating findings with threat intelligence (MITRE ATT&CK, TTPs, IOCs). Support cloud forensics in AWS and Azure, ensuring proper collection and handling of digital evidence. Help develop forensic methodologies and best practices, contributing … translate complex forensic data into clear, client-friendly reports. Knowledge of chain of custody, evidential procedures, and forensic readiness. Familiarity with threat intelligence frameworks such as MITRE ATT&CK. Relevant certifications (desirable): GCFA, GCIH, CISSP, AWS Security Specialty, Azure Security Engineer. As an industry leading, nationwide Marketing, Digital, Analytics, IT and Design recruitment agency, we are continually
Employment Type: Permanent
Salary: £65,000

Information and Cyber Security Lead

United Kingdom
incident response. Implement and manage identity and access management (IAM) solutions using SailPoint, OKTA, and BeyondTrust. Collaborate with internal teams to ensure compliance with NIST, MITRE ATT&CK, and ISO27001 frameworks. Provide mentoring, documentation, and knowledge transfer to junior engineers and SOC analysts. Liaise with external vendors, clients, and cross-functional teams to resolve

Cyber Security Risk Lead

United Kingdom
incident response. Implement and manage identity and access management (IAM) solutions using SailPoint, OKTA, and BeyondTrust. Collaborate with internal teams to ensure compliance with NIST, MITRE ATT&CK, and ISO27001 frameworks. Provide mentoring, documentation, and knowledge transfer to junior engineers and SOC analysts. Liaise with external vendors, clients, and cross-functional teams to resolve

Enhanced DV Cyber Security Lead

United Kingdom
83zero Limited
incident response. Implement and manage identity and access management (IAM) solutions using SailPoint, OKTA, and BeyondTrust. Collaborate with internal teams to ensure compliance with NIST, MITRE ATT&CK, and ISO27001 frameworks. Provide mentoring, documentation, and knowledge transfer to junior engineers and SOC analysts. Liaise with external vendors, clients, and cross-functional teams to resolve
Employment Type: Contract

Enhanced DV Cyber Security Lead

England, United Kingdom
83zero
incident response. Implement and manage identity and access management (IAM) solutions using SailPoint, OKTA, and BeyondTrust. Collaborate with internal teams to ensure compliance with NIST, MITRE ATT&CK, and ISO27001 frameworks. Provide mentoring, documentation, and knowledge transfer to junior engineers and SOC analysts. Liaise with external vendors, clients, and cross-functional teams to resolve

Senior SOC Analyst (Level 3)

Crawley, England, United Kingdom
Hybrid / WFH Options
InfoSec People Ltd
for Endpoint, Identity, Cloud Apps, and Office 365; Microsoft Entra ID (Azure AD); Microsoft Purview (compliance and data protection). Strong knowledge of attacker tactics and techniques (MITRE ATT&CK). Experience in digital forensics and malware analysis. Understanding of CNI or energy/utility environments. Proficiency in scripting/automation (KQL, PowerShell, Python). Excellent

Senior SOC Analyst (Level 3)

South East, United Kingdom
Hybrid / WFH Options
InfoSec People Ltd
for Endpoint, Identity, Cloud Apps, and Office 365; Microsoft Entra ID (Azure AD); Microsoft Purview (compliance and data protection). Strong knowledge of attacker tactics and techniques (MITRE ATT&CK). Experience in digital forensics and malware analysis. Understanding of CNI or energy/utility environments. Proficiency in scripting/automation (KQL, PowerShell, Python). Excellent
Employment Type: Permanent
Salary: GBP Annual

Senior SOC Analyst (Level 3)

chichester, south east england, united kingdom
Hybrid / WFH Options
InfoSec People Ltd
for Endpoint, Identity, Cloud Apps, and Office 365; Microsoft Entra ID (Azure AD); Microsoft Purview (compliance and data protection). Strong knowledge of attacker tactics and techniques (MITRE ATT&CK). Experience in digital forensics and malware analysis. Understanding of CNI or energy/utility environments. Proficiency in scripting/automation (KQL, PowerShell, Python). Excellent

Senior Security Engineer

Portsmouth, England, United Kingdom
Hybrid / WFH Options
Cloud People
and passion for problem solving and continuous improvement. Desirable Experience • Experience with SOAR platforms such as Microsoft Sentinel Automation, Cortex XSOAR or Splunk SOAR • Knowledge of MITRE ATT&CK mapping and detection engineering frameworks • Experience using Infrastructure as Code such as Terraform, Bicep or ARM templates • Integration experience with ServiceNow or ITSM tools • Exposure to

Senior Security Engineer

South East, United Kingdom
Hybrid / WFH Options
Cloud People
and passion for problem solving and continuous improvement. Desirable Experience • Experience with SOAR platforms such as Microsoft Sentinel Automation, Cortex XSOAR or Splunk SOAR • Knowledge of MITRE ATT&CK mapping and detection engineering frameworks • Experience using Infrastructure as Code such as Terraform, Bicep or ARM templates • Integration experience with ServiceNow or ITSM tools • Exposure to
Employment Type: Permanent
Salary: GBP Annual

Senior Security Engineer

Portsmouth, yorkshire and the humber, united kingdom
Hybrid / WFH Options
Cloud People
and passion for problem solving and continuous improvement. Desirable Experience • Experience with SOAR platforms such as Microsoft Sentinel Automation, Cortex XSOAR or Splunk SOAR • Knowledge of MITRE ATT&CK mapping and detection engineering frameworks • Experience using Infrastructure as Code such as Terraform, Bicep or ARM templates • Integration experience with ServiceNow or ITSM tools • Exposure to

Senior SOC Analyst

Portsmouth, England, United Kingdom
Hybrid / WFH Options
Cloud People
sharing. What You’ll Bring: 2 to 4 years of experience in a SOC, CSIRT or cyber defence environment. Strong understanding of attack methodologies such as MITRE ATT&CK and the Cyber Kill Chain. Hands-on experience with SIEM and EDR tools including Microsoft Sentinel, Defender, Splunk or CrowdStrike. Experience with triage, containment and incident

MITRE ATT&CK salary percentiles (UK, annual):
10th Percentile: £50,625
25th Percentile: £61,625
Median: £80,000
75th Percentile: £95,000
90th Percentile: £97,500