51 to 75 of 91 MITRE ATT&CK Jobs in the UK

compliance with data protection regulations. Detection Rule Development: Ability to create, test, and optimise detection rules to identify suspicious activities and potential threats based on the MITRE ATT&CK Framework Performance Tuning with Elasticsearch and Logstash: Fine-tune query performance using Elasticsearch indices and mappings. Monitor Logstash pipelines and optimize resource utilization. Kibana Visualization and More ❯

compliance with data protection regulations. Detection Rule Development: Ability to create, test, and optimise detection rules to identify suspicious activities and potential threats based on the MITRE ATT&CK Framework Performance Tuning with Elasticsearch and Logstash: Fine-tune query performance using Elasticsearch indices and mappings. Monitor Logstash pipelines and optimize resource utilization. Kibana Visualization and More ❯

or in a similar role within cybersecurity ️ Strong knowledge of threat intelligence platforms (TIPs), open-source intelligence (OSINT), and malware analysis ️ Familiarity with cybersecurity frameworks (e.g., MITRE ATT&CK, STIX, TAXII) ️ Experience in analyzing cyber threats, including advanced persistent threats (APTs), ransomware, and phishing attacks ️ Certifications such as GCIH, CTIA, or equivalent are highly desirable More ❯

containerised environments. Experience in building or maturing security culture initiatives, including awareness programs, gamified training, or executive engagement. Experience with security testing tools and frameworks (e.g., MITRE ATT&CK, Cobalt Strike, Metasploit, Burp Suite, or similar). About the job The UK Security Operations (SecOps) team in Google Public Sector delivers, operates and secures private More ❯

cyber-attacks. Experience within a Security Operations Centre. Fluent in English, both written and spoken. Excellent presentation and analytical skills. Preferred Skills and Qualifications Understanding of MITRE ATT&CK techniques and ability to explain TTPs to clients. Experience creating SIGMA, SNORT, and YARA rules for detection. Control Risks offers a competitive compensation and benefits package More ❯

better suited to. 8+ years of experience in IoT security, preferably in the medical device or the pharmaceutical industry. Proficiency in security frameworks (e.g., NIST, OWASP, MITRE ATT&CK, PASTA, STRIDE) and standards such as FDA cybersecurity guidance Experience assessing security risks using industry standard methods (penetration test results, threat modeling, security testing) and determining More ❯

Advanced Investigation and Escalated Response o Perform in-depth investigations using correlated data from all available tooling. o Reconstruct attack chains and identify root causes using MITRE ATT&CK. o Recommend and coordinate response actions to mitigate impact during active incidents. • IOC and Threat Analysis o Investigate indicators of compromise using commercial and open-source threat intelligence. … and recommending follow-up actions when threats are confirmed. • Threat Hunting o Lead and participate in threat hunts using hypothesis-driven approaches mapped to TTPs and MITRE ATT&CK. o Leverage telemetry and queries in tooling to identify suspicious indicators not surfaced through existing detection logic. o Document hunting activities, findings, and detection coverage gaps to support More ❯

For: ️ Proven experience as a Cyber Threat Intelligence Specialist or in a similar threat analysis role ️ Strong knowledge of threat intelligence frameworks (e.g., STIX/TAXII, MITRE ATT&CK) and tools (e.g., SIEM, threat intelligence platforms) ️ Experience with threat hunting, incident response, and malware analysis ️ Familiarity with cyber threat actors, attack methodologies, and geopolitical threat More ❯

technical concepts to different audiences both verbally and in writing. • Familiar with analytic techniques and common frameworks such as Cyber Kill Chain Model, Diamond Model, and MITRE ATT&CK Matrix, and a background using these methodologies/frameworks during intelligence gathering and analysis activities. • Work analytically and critically and produce analysis that is repeatable and More ❯

/ML security risks and related countermeasures. Nice to have: Certifications such as OSCP, GCIH, GWAPT, or CISSP. Familiarity with security frameworks such as NIST CSF, MITRE ATT&CK, OWASP ASVS, or ISO 27001. Experience with commercial security tools such as EDR, SIEM, CSPM, CNAPP, vulnerability scanners, bug bounty platforms, WAFs, or compliance automation platforms. More ❯

experience in detection engineering or incident response. Ability in developing SOAR automations. Strong Python scripting and query language skills (SPL, EQL, SQL). Excellent knowledge of MITRE ATT&CK, TCP/IP, and protocols (DNS, HTTP, REST, SOAP). Unix/Linux proficiency. Flexibility to work 3 days onsite is essential Desirable skills: YARA, STIX More ❯

/or Linux environments, cloud/hybrid environments - Proficient in SIEM management, configuration and analysis - Experience with Security Orchestration Automation and Response (SOAR) tools - Understanding of MITRE ATT&CK and attacker techniques - Security certifications such as GCIA, GCFA, GCFE, CISSP or CEH (highly advantageous) - Experience of working within an enterprise, global environment Threat Detection Engineer More ❯

Collaborating with SOC and Incident Response teams to support real-time threat mitigation Creating detailed intelligence reports and contributing to proactive threat hunting Leveraging frameworks like MITRE ATT&CK to map adversary TTPs and assess risks To secure the role, your Cyber Threat Intelligence experience will covers: Solid understanding of CTI methodologies, threat actor TTPs More ❯

Collaborating with SOC and Incident Response teams to support real-time threat mitigation Creating detailed intelligence reports and contributing to proactive threat hunting Leveraging frameworks like MITRE ATT&CK to map adversary TTPs and assess risks To secure the role, your Cyber Threat Intelligence experience will covers: Solid understanding of CTI methodologies, threat actor TTPs More ❯

and playbooks. Identifying lessons learned to improve future incident response and detection strategies. Contribute to development of detection mechanisms for sophisticated adversarial techniques based on the MITRE ATT&CK framework. Purple Teaming and Advanced Testing Support the planning and response of purple teaming activities. Develop scenarios and artifacts that mimic real-world adversary groups for More ❯

impressing the techies but also for keeping things real when the going gets tough Deep knowledge of APT groups, their TTPs, and infrastructure patterns Experience with MITRE ATT&CK mapping and adversary emulation Track record of discovering novel threats or attribution work CREST CCTIM or willingness to obtain Skills and Experience: Experience following regulated threat More ❯

the following technical competencies: Solid grounding in OS and network fundamentals (Linux, Windows, Mac, TCP/IP stack). Knowledge of common attack techniques and mitigations (MITRE ATT&CK, OWASP Top 10). Familiarity with scripting and automation using Python, Bash, or PowerShell. Strong understanding of Active Directory attack chains and common privilege escalation paths. More ❯

Understanding aircraft production and supply chain security, including configuration management, supplier assurance, and design data integrity. Exposure to digital threat modelling techniques tailored to aerospace domains (MITRE ATT&CK for ICS/Aerospace, STRIDE-LM). Ability to contribute to internal capability development, methodology refinement, and knowledge transfer across delivery teams. Benefits Collaborative working environment More ❯

Understanding aircraft production and supply chain security, including configuration management, supplier assurance, and design data integrity. Exposure to digital threat modelling techniques tailored to aerospace domains (MITRE ATT&CK for ICS/Aerospace, STRIDE-LM). Ability to contribute to internal capability development, methodology refinement, and knowledge transfer across delivery teams. Benefits Collaborative working environment More ❯

Understanding aircraft production and supply chain security, including configuration management, supplier assurance, and design data integrity. Exposure to digital threat modelling techniques tailored to aerospace domains (MITRE ATT&CK for ICS/Aerospace, STRIDE-LM). Ability to contribute to internal capability development, methodology refinement, and knowledge transfer across delivery teams. Experience Minimum of More ❯

a good understanding of the Microsoft platforms across Windows, Microsoft 365, and Azure. • Understand techniques and approaches used by threat actors to compromise companies. • Apply the MITRE ATT&CK framework to help customers improve their cyber defence. • Understand the business, privacy, security, and compliance challenges surrounding client data and articulate the types of assets that More ❯

strategies (e.g., Zscaler, Cisco Umbrella, Infoblox) and their role in threat containment Deep knowledge of Zero Trust Architecture, lateral movement prevention, and alignment to frameworks like MITRE ATT&CK and NIST CSF Excellent communication skills with the ability to influence technical and business stakeholders across all levels of an organization Experience supporting RFP/RFI More ❯

compromise Expertise on AWS security controls and services Experience leveraging coding for automation, alert enrichment and detections Knowledge of adversary tactics, techniques, and procedures (TTPs) and MITRE ATT&CK principles Comfortable with macOS, Windows & Linux operating systems Domain experience working with SIEM and SOAR platforms Experience developing tools and automation using common DevOps toolsets and More ❯

compromise Expertise on AWS security controls and services Experience leveraging coding for automation, alert enrichment and detections Knowledge of adversary tactics, techniques, and procedures (TTPs) and MITRE ATT&CK principles Comfortable with macOS, Windows & Linux operating systems Domain experience working with SIEM and SOAR platforms Experience developing tools and automation using common DevOps toolsets and More ❯

reporting abilities. Familiarity with risk management frameworks (ISO 3100X, NIST 800 series, ENISA, EBIOS, OCTAVE, FAIR). Preferred: Background in information security and security frameworks (eg, MITRE ATT&CK, ISO 2700X). Experience working in multinational environments. Knowledge of AI governance or ethics is a plus. Details 9+ month contract (Inside IR35) | Hybrid: 3 days More ❯