26 to 50 of 93 MITRE ATT&CK Jobs in the UK

and passion for problem solving and continuous improvement Desirable Experience • Experience with SOAR platforms such as Microsoft Sentinel Automation, Cortex XSOAR or Splunk SOAR • Knowledge of MITRE ATT&CK mapping and detection engineering frameworks • Experience using Infrastructure as Code such as Terraform, Bicep or ARM templates • Integration experience with ServiceNow or ITSM tools • Exposure to More ❯

incident response . Implement and manage identity and access management (IAM) solutions using SailPoint, OKTA, and BeyondTrust. Collaborate with internal teams to ensure compliance with NIST, MITRE ATT&CK, and ISO27001 frameworks. Provide mentoring, documentation, and knowledge transfer to junior engineers and SOC analysts. Liaise with external vendors, clients, and cross-functional teams to resolve More ❯

fundamentals. Excellent problem-solving skills and a passion for continuous improvement. Experience with SOAR platforms (e.g., Microsoft Sentinel Automation, Cortex XSOAR, Splunk SOAR). Knowledge of MITRE ATT&CK mapping and detection engineering frameworks. Infrastructure-as-Code experience (Terraform, Bicep, or ARM templates). Exposure to threat hunting, vulnerability management, or integrations with ServiceNow/ More ❯

for Endpoint, Identity, Cloud Apps, and Office 365 Microsoft Entra ID (Azure AD) Microsoft Purview (compliance and data protection) Strong knowledge of attacker tactics and techniques (MITRE ATT&CK). Experience in digital forensics and malware analysis. Understanding of CNI or energy/utility environments. Proficiency in scripting/automation (KQL, PowerShell, Python). Excellent More ❯

sharing What You’ll Bring 2 to 4 years of experience in a SOC, CSIRT or cyber defence environment Strong understanding of attack methodologies such as MITRE ATT&CK and the Cyber Kill Chain Hands on experience with SIEM and EDR tools including Microsoft Sentinel, Defender, Splunk or CrowdStrike Experience with triage, containment and incident More ❯

Science, or equivalent experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise in Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. More ❯

Science, or equivalent experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise in Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. More ❯

to understand their security needs and provide tailored solutions. Lead security assurance activities, including risk assessments, vulnerability assessments, penetration testing, and threat modelling techniques such as MITRE ATT&CK, STRIDE, DREAD, and PASTA. Provide expert guidance on security controls and measures to protect cloud infrastructure and data. Stay up-to-date with the latest security More ❯

or similar role (preferably in MSP/MSSP). Hands-on experience with SIEM, EDR, IDS/IPS, firewalls, and incident response. Familiarity with frameworks like MITRE ATT&CK, NIST, CIS, or ISO 27001. Degree in IT security, or relevant professional Certifications or practical experience. Basic scripting skills (Python, PowerShell, or Bash) are a plus. More ❯

years’ experience in a SOC, CSIRT, or cyber defence environment. Solid knowledge of SIEM and EDR platforms (Sentinel, Splunk, Defender, CrowdStrike, etc.). Understanding of MITRE ATT&CK and network/cloud security principles. Strong analytical and communication skills. Bonus points for: Scripting or automation experience (KQL, PowerShell, Python). Background in threat hunting or More ❯

years’ experience in a SOC, CSIRT, or cyber defence environment. Solid knowledge of SIEM and EDR platforms (Sentinel, Splunk, Defender, CrowdStrike, etc.). Understanding of MITRE ATT&CK and network/cloud security principles. Strong analytical and communication skills. Bonus points for: Scripting or automation experience (KQL, PowerShell, Python). Background in threat hunting or More ❯

critical assets remain secure Manage supplier relationships, report on control effectiveness, and support compliance with ISO 27001, GDPR, and Cyber Essentials Plus Technology NIST, CIS, NCSC, Mitre Att&ck, Security Scorecard, M365/Azure Security Center Azure Security Center, SIEM, Defender ATP, M365 Security, Data Compliance and Governance, PIM & PAM Zscaler (ZTNA), Darktrace, Firewalls, NAC More ❯

Write and fine-tune Kusto Query Language (KQL) queries to analyse and visualise raw security data. Integrate third-party tools (firewalls, IAM, telemetry) into Sentinel. Use MITRE ATT&CK to anticipate and counter adversarial activity. Apply cost-optimisation principles (data tiering, filtering). Collaborate with security architects to improve internal policies and ISO 27001 alignment. More ❯

Write and fine-tune Kusto Query Language (KQL) queries to analyse and visualise raw security data. Integrate third-party tools (firewalls, IAM, telemetry) into Sentinel. Use MITRE ATT&CK to anticipate and counter adversarial activity. Apply cost-optimisation principles (data tiering, filtering). Collaborate with security architects to improve internal policies and ISO 27001 alignment. More ❯

processes and procedures and train the SOC team on how to follow them efficiently and effectively · Design, develop and deliver Sentinel solutions to clients · Use the MITRE ATT&CK cybersecurity knowledge base to enable the necessary steps to take to help predict an adversary’s behaviour and next move, and quickly and effectively respond to More ❯

vulnerability scanning. Understanding of IT and cyber security frameworks, standards, and regulations (examples: ISO27001, NIS2, GDPR, and CAF). Understanding of the Cyber Kill Chain and MITRE ATT&CK frameworks. Ability to collaborate effectively with various internal and external stakeholders. Relevant certifications such as Microsoft Security Operations Analyst (SC-200) or Azure Security Engineer (AZ More ❯

vulnerability scanning. Understanding of IT and cyber security frameworks, standards, and regulations (examples: ISO27001, NIS2, GDPR, and CAF). Understanding of the Cyber Kill Chain and MITRE ATT&CK frameworks. Ability to collaborate effectively with various internal and external stakeholders. Relevant certifications such as Microsoft Security Operations Analyst (SC-200) or Azure Security Engineer (AZ More ❯

Strong technical background across SIEM, EDR, vulnerability management, and cloud security (Azure preferred) In-depth understanding of security frameworks such as NIST CSF, ISO 27001, and MITRE ATT&CK Excellent stakeholder engagement and vendor management experience Relevant qualifications such as CISSP, CySA+, or MSc in Information Security If this looks of interest, please apply. More ❯

detection, prevention, and response methodologies Hands-on experience with EDR, email security, and web security solutions Knowledge of security frameworks such as NIST, ISO 27001, and Mitre ATT&CK Relevant Microsoft certifications such as SC-200 and AZ-500 are highly desirable Familiarity with web security tooling such as web proxies, DNS filtering, and Cisco More ❯

detection, prevention, and response methodologies Hands-on experience with EDR, email security, and web security solutions Knowledge of security frameworks such as NIST, ISO 27001, and Mitre ATT&CK Relevant Microsoft certifications such as SC-200 and AZ-500 are highly desirable Familiarity with web security tooling such as web proxies, DNS filtering, and Cisco More ❯

of SIEM, XDR, EDR, vulnerability management, firewalls, and network security. Hands-on experience in security control implementation and maintenance (e.g. ISO27001, Cyber Essentials). Familiarity with MITRE ATT&CK, incident response methodologies, and penetration testing. Experience in risk management, vendor security assessments, and compliance. Understanding of UK regulations, including Cyber Essentials, ISO27001, NIST CSF, and More ❯

etc.). Understanding of Azure/AWS cloud and network fundamentals. Desirable: Experience with SOAR tools or Infrastructure-as-Code (Terraform, Bicep, ARM). Knowledge of MITRE ATT&CK mapping or threat detection frameworks. What’s in it for you: Flexible hybrid working, paid certifications, great progression into consultancy or leadership, and a genuinely collaborative More ❯

enhance security detection content primarily for the Splunk SIEM, to enable the detection of threats across diverse platforms (e.g. cloud, endpoints, and networks) · Use frameworks like MITRE ATT&CK to map detection rules and maximise threat coverage · Use analytical platforms to query high volume datasets to identify trends and spot unusual behaviours, indicative of malicious More ❯

/Kibana or other visualization tools for data visualization, analysis, and monitoring. Alternatively, experience in a threat intelligence platform (TIP) may suffice. Knowledge and application of MITRE ATT&CK and similar frameworks to intelligence products for member reporting. EDUCATION AND EXPERIENCE Bachelor's degree or equivalent practical experience. 7 years of relevant analytical experience is More ❯

Enterprise Security). Strong experience in SPL (Search Processing Language) and log analysis. Deep understanding of security monitoring, incident response, and threat detection methodologies. Familiarity with MITRE ATT&CK, cyber kill chain, and common attack vectors (phishing, malware, insider threats). Experience with EDR tools (e.g., CrowdStrike, SentinelOne), firewalls, IDS/IPS, and SOAR platforms. More ❯