1 to 25 of 52 MITRE ATT&CK Jobs in the UK excluding London

Science, Information Security, or related field (or equivalent experience). • 3–5+ years of experience in cybersecurity or information security engineering/analysis. • Strong knowledge of MITRE ATT&CK, NIST, ISO 27001, and other frameworks. • Experience with security tools. • Familiarity with scripting languages (Python, Bash, PowerShell) is a plus. • Relevant certifications (e.g., CEH, OSCP, CISSP … GSEC) preferred. If you have 3–5+ years of experience in cybersecurity or information security engineering/analysis with relevant certifications, along with strong knowledge of MITRE ATT&CK, NIST, ISO 27001, and other frameworks alongside experience with security tools, and you are looking to join a team at a friendly, supportive company that prides More ❯

of the customer environments. Prepare reports for managed clients to both technical and non-technical audiences, Collaborate on improving detection rules and use cases aligned with Mitre Att&ck and threat-informed defense. Participate in a team effort to guarantee that corporate data and technology platform components are shielded from known threats. Collaborate with team … shifts from our office in Farnborough. What you’ll bring: Experience demonstrated in Security Operations Centre. Experience using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise AntiVirus products. Understanding of networking principles including TCP/ More ❯

operations and triage. Prepare reports for managed clients to both technical and non-technical audiences. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Represent the SOC within Stakeholders meetings. Ability to work in a hybrid approach from home and our Gosport office location. What youll … Experience in Security Operations Centre. People management experience to help develop Analysts and lead careers. Experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid ability to lead teams while staying hands-on with security operations. Strong influencing skills and ability to persuade others, with a broad understanding of More ❯

operations and triage. Prepare reports for managed clients to both technical and non-technical audiences. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Represent the SOC within Stakeholders meetings. Ability to work in a hybrid approach from home and our Gosport office location. What you … Experience in Security Operations Centre. People management experience to help develop Analysts and lead careers. Experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid ability to lead teams while staying hands-on with security operations. Strong influencing skills and ability to persuade others, with a broad understanding of More ❯

oversee security monitoring, incident response, and continuous improvement of SOC operations. You’ll work with cutting-edge technologies and frameworks, including Microsoft Sentinel, Splunk, and the MITRE ATT&CK framework, while mentoring and developing your team. Key Responsibilities: Lead and manage a team of SOC Analysts across shift operations. Monitor, triage, and investigate security incidents … For: Proven experience in a Security Operations Centre environment. Strong people management and mentoring skills. Hands-on experience with Microsoft Sentinel and Splunk. Familiarity with the MITRE ATT&CK framework. Solid understanding of networking principles and enterprise security tools. Desirable Skills: Experience in static malware analysis and reverse engineering. Scripting/programming skills (Python, Bash More ❯

activities by providing contextual intelligence and working alongside hunt team members Conduct threat modelling of threat actors, including their capabilities, motivations, and potential impact Leverage the MITRE ATT&CK framework to map threat actor behaviours and support detection engineering Develop and maintain threat profiles, attack surface assessments, and adversary emulation plans Collaborate with global stakeholders … intelligence platforms (TIPs), SIEMs, and threat data enrichment tools Experience using Breach and Attack Simulation (BAS) platforms Strong understanding of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and threat modelling Hands-on experience with penetration testing tools such as Metasploit Framework, Burp Suite, Kali Linux, and Pentera Experience producing threat reports and More ❯

has a strong technical focus, centred on the collection, enrichment, automation, and analysis of adversary tactics, techniques, and procedures (TTPs) across the Unified Kill Chain and MITRE ATT&CK frameworks. You’ll also support strategic intelligence functions, acting as a backup point of contact when needed to ensure continuity of intelligence delivery across our global … content and operational playbooks would be a bonus. Skills You’ll Need: Advanced understanding of attacker tools, techniques, and procedures. Knowledge of security frameworks: OWASP, NIST, MITRE ATT&CK, Unified Kill Chain. Proficient in risk analysis and information systems best practices. Expertise in intelligence gathering and analysis tools, including OSINT. Strong knowledge of malware analysis More ❯

architecture for service mesh deployments across Kubernetes and containerised platforms. Conduct risk assessments and develop mitigation strategies for identified vulnerabilities. Create detailed threat models aligned to MITRE ATT&CK and STRIDE frameworks. Design and review secure API gateway patterns using IBM DataPower. Lead implementation of Zero-Trust , mTLS, RBAC and policy enforcement within service mesh … designing secure architectures for hybrid/multi-cloud environments. Strong background in Zero-Trust , microservices security, and containerised platforms. Experienced in building bespoke threat models using MITRE ATT&CK & STRIDE . Ability to assess security elements of solution designs, constructively challenge, and drive secure outcomes. If you are interested or would like to know more More ❯

secure client environments Investigating threats using logs, network traffic, and endpoint telemetry Supporting response efforts during live security incidents Improving detection rules, playbooks, and tooling with MITRE ATT&CK-driven enhancements Producing clear incident reports for both technical and non-technical audiences Contributing to threat intelligence initiatives Staying ahead of the curve on emerging threats … To secure this SOC role: Proven experience in a Security Operations Centre (SOC) environment Hands-on knowledge of SIEM tools (Microsoft Sentinel, Splunk, etc.) Familiarity with MITRE ATT&CK and threat detection methodologies Strong analytical mindset with log, endpoint, and network analysis skills Understanding of network protocols (TCP/IP, DNS, HTTP, SMTP) Awareness of More ❯

SOC incident queues and support asset baseline maintenance. Prepare reports for technical and non-technical audiences. Collaborate on improving detection rules and use cases aligned with MITRE ATT&CK. Contribute to threat intelligence development and incident documentation. Shift Pattern: 2 days (6am–6pm), 2 nights (6pm–6am), followed by 4 days off. What We’re Looking For … Experience working in a Security Operations Centre. Familiarity with Microsoft Sentinel and Splunk. Understanding of the MITRE ATT&CK framework. Basic knowledge of networking, client-server applications, firewalls, VPNs, and antivirus products. Entry-level cybersecurity certification (e.g., CompTIA Security+, CEH, CPSA). Academic background in cybersecurity or a related subject. Desirable Skills: Programming/scripting More ❯

key role in safeguarding our organisation’s digital environment. Communications with key business partners is key regarding risks, threats and SOC performance. Familiarity with NIST Cybersecurity, MITRE ATT&CK, Splunk, Sentinel and ISO27001 is vital What you will be doing: Lead, mentor, and develop SOC analysts and incident responders. Provide technical direction, conduct performance reviews … effective shift models. Confident communicator with the ability to translate complex technical risks into clear business impacts for senior stakeholders. Familiarity with NIST Cybersecurity Framework and MITRE ATT&CK. Understanding of ISO 27001 standards and compliance best practices. Working knowledge of the CREST SOC Maturity Model. Experience applying ITIL processes across incident, problem, and change management. It More ❯

Splunk or Microsoft Sentinel. A passion for developing teams — coaching analysts and building collaborative, high-performing cultures. Strong understanding of frameworks and standards such as NIST, MITRE ATT&CK, ISO 27001, CREST, and ITIL. Excellent communication skills, with the ability to translate technical risks into clear business impacts. Desirable Vendor certifications such as Splunk Certified More ❯

Digital Forensics, Incident Response, or Ethical Hacking (e.g., GCIH, CEH, GCFE, GCFA, and CFCE). Knowledge of main concepts related to the Incident Response Life Cycle, MITRE ATT&CK Framework, Cyber Kill Chain, and other cybersecurity frameworks. High-level understanding of common intrusion methods and cyber-attack tactics, techniques, and procedures (TTPs), and common industry More ❯

and passion for problem solving and continuous improvement Desirable Experience • Experience with SOAR platforms such as Microsoft Sentinel Automation, Cortex XSOAR or Splunk SOAR • Knowledge of MITRE ATT&CK mapping and detection engineering frameworks • Experience using Infrastructure as Code such as Terraform, Bicep or ARM templates • Integration experience with ServiceNow or ITSM tools • Exposure to More ❯

fundamentals. Excellent problem-solving skills and a passion for continuous improvement. Experience with SOAR platforms (e.g., Microsoft Sentinel Automation, Cortex XSOAR, Splunk SOAR). Knowledge of MITRE ATT&CK mapping and detection engineering frameworks. Infrastructure-as-Code experience (Terraform, Bicep, or ARM templates). Exposure to threat hunting, vulnerability management, or integrations with ServiceNow/ More ❯

for Endpoint, Identity, Cloud Apps, and Office 365 Microsoft Entra ID (Azure AD) Microsoft Purview (compliance and data protection) Strong knowledge of attacker tactics and techniques (MITRE ATT&CK). Experience in digital forensics and malware analysis. Understanding of CNI or energy/utility environments. Proficiency in scripting/automation (KQL, PowerShell, Python). Excellent More ❯

sharing What You’ll Bring 2 to 4 years of experience in a SOC, CSIRT or cyber defence environment Strong understanding of attack methodologies such as MITRE ATT&CK and the Cyber Kill Chain Hands on experience with SIEM and EDR tools including Microsoft Sentinel, Defender, Splunk or CrowdStrike Experience with triage, containment and incident More ❯

Science, or equivalent experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise in Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. More ❯

or similar role (preferably in MSP/MSSP). Hands-on experience with SIEM, EDR, IDS/IPS, firewalls, and incident response. Familiarity with frameworks like MITRE ATT&CK, NIST, CIS, or ISO 27001. Degree in IT security, or relevant professional Certifications or practical experience. Basic scripting skills (Python, PowerShell, or Bash) are a plus. More ❯

CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS/IPS, NAC, DLP, and related security technologies. Familiarity with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO/IEC 27001/27002. Hands-on experience with tools such as FortiSIEM, Q-Radar, Microsoft Defender, Darktrace, Microsoft Sentinel, or similar More ❯

years’ experience in a SOC, CSIRT, or cyber defence environment. Solid knowledge of SIEM and EDR platforms (Sentinel, Splunk, Defender, CrowdStrike, etc.). Understanding of MITRE ATT&CK and network/cloud security principles. Strong analytical and communication skills. Bonus points for: Scripting or automation experience (KQL, PowerShell, Python). Background in threat hunting or More ❯

years’ experience in a SOC, CSIRT, or cyber defence environment. Solid knowledge of SIEM and EDR platforms (Sentinel, Splunk, Defender, CrowdStrike, etc.). Understanding of MITRE ATT&CK and network/cloud security principles. Strong analytical and communication skills. Bonus points for: Scripting or automation experience (KQL, PowerShell, Python). Background in threat hunting or More ❯

critical assets remain secure Manage supplier relationships, report on control effectiveness, and support compliance with ISO 27001, GDPR, and Cyber Essentials Plus Technology NIST, CIS, NCSC, Mitre Att&ck, Security Scorecard, M365/Azure Security Center Azure Security Center, SIEM, Defender ATP, M365 Security, Data Compliance and Governance, PIM & PAM Zscaler (ZTNA), Darktrace, Firewalls, NAC More ❯

Write and fine-tune Kusto Query Language (KQL) queries to analyse and visualise raw security data. Integrate third-party tools (firewalls, IAM, telemetry) into Sentinel. Use MITRE ATT&CK to anticipate and counter adversarial activity. Apply cost-optimisation principles (data tiering, filtering). Collaborate with security architects to improve internal policies and ISO 27001 alignment. More ❯

vulnerability scanning. Understanding of IT and cyber security frameworks, standards, and regulations (examples: ISO27001, NIS2, GDPR, and CAF). Understanding of the Cyber Kill Chain and MITRE ATT&CK frameworks. Ability to collaborate effectively with various internal and external stakeholders. Relevant certifications such as Microsoft Security Operations Analyst (SC-200) or Azure Security Engineer (AZ More ❯