26 to 50 of 63 MITRE ATT&CK Jobs in the UK

SIEM tools (such as Splunk) SOAR is an added advantage Knowledge of malware capabilities, attack vectors and impact. Knowledge of the MITRE ATT&CK framework to understand threat actors and how to mitigate them. Knowledge and experience in threat analysis Excellent interpersonal skills sufficient ...

optimise complex queries to support threat detection, proactive threat hunting, and anomaly identification Map detection logic to adversary behaviours using the MITRE ATT&CK Framework, ensuring effective coverage of tactics, techniques, and procedures Work with the wider Splunk ecosystem, including tools like TrackMe, and contribute ...

practices Knowledge of cyber frameworks and regulations including GDPR, NIS, and National Cyber Security Centre guidance Familiarity with frameworks such as MITRE ATT&CK and ITIL processes Experience operating within complex, regulated environments (e.g. public sector, financial services) Strong stakeholder management skills, with the ability ...

practices Knowledge of cyber frameworks and regulations including GDPR, NIS, and National Cyber Security Centre guidance Familiarity with frameworks such as MITRE ATT&CK and ITIL processes Experience operating within complex, regulated environments (e.g. public sector, financial services) Strong stakeholder management skills, with the ability ...

practices Knowledge of cyber frameworks and regulations including GDPR, NIS, and National Cyber Security Centre guidance Familiarity with frameworks such as MITRE ATT&CK and ITIL processes Experience operating within complex, regulated environments (e.g. public sector, financial services) Strong stakeholder management skills, with the ability ...

PowerShell JavaScript Proven experience with cloud platforms: Google Cloud Platform (GCP) Microsoft Azure Deep understanding of cyber security frameworks and methodologies: MITRE ATT&CK NIST Cybersecurity Framework Strong knowledge of SOAR integrations, API development, and enterprise security operations Preferred Qualifications Experience within Banking, Financial Services ...

Sentinel Familiarity with Microsoft Defender tools (Endpoint & O365) Exposure to Azure cloud logging and Kubernetes environments Knowledge of attacker TTPs and MITRE ATT&CK frameworks Proactive, collaborative, and innovative mindset Desirable/Nice-to-Have: Experience with Python , Terraform , or CI/CD pipelines Familiarity ...

Sentinel Familiarity with Microsoft Defender tools (Endpoint & O365) Exposure to Azure cloud logging and Kubernetes environments Knowledge of attacker TTPs and MITRE ATT&CK frameworks Proactive, collaborative, and innovative mindset Desirable/Nice-to-Have: Experience with Python , Terraform , or CI/CD pipelines Familiarity ...

effective security controls aligned with business requirements using a risk-based approach. Familiarity with application attack tactics and techniques, including the MITRE ATT&CK framework, and security maturity models such as OpenSAMM and C2M2. Strong working knowledge of recognised security frameworks and standards, including NIST ...

Threat Analysis & Intelligence Integration: Analyse malicious activities to determine root cause and attack vectors by mapping observed attacker actions to the MITRE ATT&CK framework Monitor threat intelligence feeds for information on new vulnerabilities, malware campaigns, or attack techniques that could impact the Council Evaluate ...

experience with CrowdStrike (Falcon) Advanced Splunk (SPL + Enterprise Security) expertise Solid understanding of networks, cloud (AWS/Azure), and MITRE ATT&CK Bonus: Vulnerability Assessment and Pen Testing experience MUST HAVE LOCAL GOVERNMENT EXPERIENCE Certifications (desirable): Splunk Certified Cybersecurity Defense Engineer (highly preferred) CrowdStrike ...

experience with CrowdStrike (Falcon) Advanced Splunk (SPL + Enterprise Security) expertise Solid understanding of networks, cloud (AWS/Azure), and MITRE ATT&CK Bonus: Vulnerability Assessment and Pen Testing experience MUST HAVE LOCAL GOVERNMENT EXPERIENCE Certifications (desirable): Splunk Certified Cybersecurity Defense Engineer (highly preferred) CrowdStrike ...

managing Splunk Enterprise Security (ES). Technical Breadth: Strong understanding of network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK Vulnerability Assessment : 2+ years using VA tools would be a bonus Penetration Testing : Exposure to Penetration Testing and Web Application Testing. ...

managing Splunk Enterprise Security (ES). Technical Breadth: Strong understanding of network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK Vulnerability Assessment: 2+ years using VA tools would be a bonus Penetration Testing: Exposure to Penetration Testing and Web Application Testing. ...

What you’ll be doing: • Engineering and refining advanced SIEM detections across secure environments • Researching emerging threats and mapping detections to MITRE ATT&CK • Tuning detections to improve fidelity and reduce false positives • Supporting SOC analysts and wider engineering teams with technical expertise • Driving detection ...

Familiarity with SIEM platforms and security telemetry analysis Understanding of cloud security concepts (Azure, AWS, or GCP) Desirable Skills Knowledge of MITRE ATT&CK or Cyber Kill Chain frameworks Exposure to SaaS and cloud-native security tooling Experience with scripting or query languages (e.g. ...

Python, PowerShell, and JavaScript. Experience with GCP or Azure cloud environments. (preferably on GCP) Solid understanding of security frameworks such as MITRE ATT&CK and NIST CSF. Strong documentation and architectural design experience (HLD/LLD). Experience within Banking or Financial Services. Exposure ...

skills for articulating complex ideas to broad audiences. Proactive approach to learning and professional development. Understanding of relevant industry standard frameworks (MITRE ATT&CK, D3FEND). Innovative approach to problem-solving. Sensitivity to team dynamics and ability to work well in various technical ...

offensive and defensive IT concepts and protocols Working knowledge of Windows, Linux and MacOS operating systems internals Extensive understanding of the MITRE ATT&CK framework, OWASP Top 10, and other security frameworks Ability to work independently and as part of a team Proficient communication skills ...

Understanding of network segmentation, secure remote access and OT architecture design Familiarity with frameworks such as ISA/IEC 62443 and MITRE ATT&CK for ICS Desirable: Certifications such as GICSP, ISA/IEC 62443, Security+, or CEH Experience working in critical infrastructure or regulated ...

during both day to day operations and during security incidents. - A good understanding of the incident response lifecycle, common attack techniques (MITRE ATT&CK), and how incident response processes integrate with threat detection, monitoring, and wider security operations. ...

data models (ECS/CIM) Develop and tune detection rules using KQL, EQL, and SPL Drive detection engineering lifecycle aligned to MITRE ATT&CK Implement automation, CI/CD, and Infrastructure as Code for SIEM platforms Ensure platform performance, scalability, and resilience (HA/ ...

data models (ECS/CIM) Develop and tune detection rules using KQL, EQL, and SPL Drive detection engineering lifecycle aligned to MITRE ATT&CK Implement automation, CI/CD, and Infrastructure as Code for SIEM platforms Ensure platform performance, scalability, and resilience (HA/ ...

development Solid knowledge of SIEM operations, including maintenance and troubleshooting Experience performing QRadar upgrades and patching Familiarity with security frameworks (e.g., MITRE ATT&CK) and threat detection methodologies Strong analytical and problem-solving skills For more information or immediate consideration for this opportunity, please contact ...

experience running vendor evaluations and PoCs for enterprise security platforms Strong understanding of offensive techniques mapped to detection capabilities (aligned to MITRE ATT&CK) Experience integrating security tooling outputs into SIEM platforms and broader security workflows Experience with tools such as SafeBreach, BloodHound, Microsoft EASM ...