1 to 25 of 26 Remote MITRE ATT&CK Jobs in the UK excluding London

red team automation Detection Engineering Collaboration : Ability to translate offensive findings into detection logic and partner with SOC teams to improve alerting and response. Threat Modelling & MITRE ATT&CK : Strong understanding of attacker TTPs and ability to map findings to frameworks like MITRE ATT&CK and the Cyber Kill Chain. … red/purple teaming, adversary emulation, and vulnerability exploitation. - Proficiency with tools such as Cobalt Strike, Metasploit, Burp Suite, BloodHound, and custom scripting. - Strong understanding of MITRE ATT&CK, cyber kill chain, and threat-informed defense. - Experience integrating offensive security into CI/CD pipelines and cloud-native environments. - Relevant certifications (e.g., OSCP, OSCE, CRTO More ❯

red team automation Detection Engineering Collaboration : Ability to translate offensive findings into detection logic and partner with SOC teams to improve alerting and response. Threat Modelling & MITRE ATT&CK : Strong understanding of attacker TTPs and ability to map findings to frameworks like MITRE ATT&CK and the Cyber Kill Chain. … red/purple teaming, adversary emulation, and vulnerability exploitation. - Proficiency with tools such as Cobalt Strike, Metasploit, Burp Suite, BloodHound, and custom scripting. - Strong understanding of MITRE ATT&CK, cyber kill chain, and threat-informed defense. - Experience integrating offensive security into CI/CD pipelines and cloud-native environments. - Relevant certifications (e.g., OSCP, OSCE, CRTO More ❯

and recovery. Experience with digital forensics, chain-of-custody procedures, and forensic tools. Awareness of incident response planning and tabletop exercises. Understanding of frameworks such as MITRE ATT&CK, the Lockheed Martin Kill Chain, or the Diamond Model. Ability to perform dynamic malware analysis. Desirable Qualifications & Skills: Certifications such as ECIH, Security+, BTL1, CySA+, SC More ❯

enhancing SOC documentation, SOPs, and playbooks Collaborating with cross-functional teams and contributing to security strategy Ensuring security policies align with standards like NIST, ISO 27001, MITRE ATT&CK We're Looking for Someone With: Expert-level SIEM experience (Azure Sentinel highly preferred) Strong knowledge of Kusto Query Language (KQL) Demonstrated experience in cybersecurity incident More ❯

penetration testing, and incident response Requirements for this role: 3+ years' experience in a senior cyber security role Strong knowledge of security frameworks (NIST, NCSC, CIS, MITRE ATT&CK) Hands-on experience with security tools: SIEM, IDS/IPS, firewalls, endpoint protection Expertise in Azure security and securing cloud platforms A solid understanding of vulnerabilities More ❯

Security Operations Center (SOC) or similar cybersecurity role. Demonstrable experience with cloud security monitoring and incident response. Familiarity with various attack vectors, threat intelligence frameworks (e.g., MITRE ATT&CK). A cyber/information security related degree and/or relevant cybersecurity qualifications would be beneficial e.g. CompTIA Security+, (ISC) SSCP or CySA+ Interviewing is More ❯

experience in Security Operations and Incident Response You have experience of performing analysis with SIEM technologies, Splunk preferred You have experience with proactive threat hunting using MITRE ATT&CK or similar frameworks You have a deep understanding of security appliances/tools such as host-based and network-based IDS/IPS, WAF, EDR You More ❯

cyber threat intelligence Strong understanding of modern detection and response strategies Familiarity with SOC tooling (Sentinel, Defender, QRadar, Cortex XDR, etc.) Knowledge of threat frameworks like MITRE ATT&CK and NIST Self-starter who can work independently in a lean security function Comfortable driving change and making meaningful improvements in security posture Why Apply? Youll More ❯

PHP, Git, PostgreSQL Cloud security skills, ideally in AWS Understanding of open-source risk management and enterprise tooling Exposure to ITIL service management disciplines Familiarity with MITRE ATT&CK and NIST cybersecurity frameworks Want to hear more or ready to apply? Think this is the role for you or interested in hearing more? Apply or More ❯

management, incident response and remediation tools. Strategic development in cyber threat intelligence research, process automation, knowledge sharing and team training. Skilled in using threat frameworks (e.g. MITRE ATT&CK, Cyber Kill chain). Experienced in using OSINT and security analysis tools (e.g. Shodan, Censys, Qualys, Virus Total, EDR, AV). Experience supporting incident response or More ❯

the creation and management of detection logic in SIEMs (eg Splunk, ArcSight, Microsoft Sentinel) Intermediate experience developing scripts in Python Strong knowledge of exploitation techniques (eg MITRE ATT&CK) and use-case development Thorough TCP/IP and protocol experience (OSI L2-L7, DNS, HTTP, REST, SOAP) Strong communication, task management and organizational skills Highly More ❯

compliance with data protection regulations. Detection Rule Development: Ability to create, test, and optimise detection rules to identify suspicious activities and potential threats based on the MITRE ATT&CK Framework Performance Tuning with Elasticsearch and Logstash: Fine-tune query performance using Elasticsearch indices and mappings. Monitor Logstash pipelines and optimize resource utilization. Kibana Visualization and More ❯

compliance with data protection regulations. Detection Rule Development: Ability to create, test, and optimise detection rules to identify suspicious activities and potential threats based on the MITRE ATT&CK Framework Performance Tuning with Elasticsearch and Logstash: Fine-tune query performance using Elasticsearch indices and mappings. Monitor Logstash pipelines and optimize resource utilization. Kibana Visualization and More ❯

technical concepts to different audiences both verbally and in writing. • Familiar with analytic techniques and common frameworks such as Cyber Kill Chain Model, Diamond Model, and MITRE ATT&CK Matrix, and a background using these methodologies/frameworks during intelligence gathering and analysis activities. • Work analytically and critically and produce analysis that is repeatable and More ❯

/or Linux environments, cloud/hybrid environments - Proficient in SIEM management, configuration and analysis - Experience with Security Orchestration Automation and Response (SOAR) tools - Understanding of MITRE ATT&CK and attacker techniques - Security certifications such as GCIA, GCFA, GCFE, CISSP or CEH (highly advantageous) - Experience of working within an enterprise, global environment Threat Detection Engineer More ❯

Collaborating with SOC and Incident Response teams to support real-time threat mitigation Creating detailed intelligence reports and contributing to proactive threat hunting Leveraging frameworks like MITRE ATT&CK to map adversary TTPs and assess risks To secure the role, your Cyber Threat Intelligence experience will covers: Solid understanding of CTI methodologies, threat actor TTPs More ❯

Collaborating with SOC and Incident Response teams to support real-time threat mitigation Creating detailed intelligence reports and contributing to proactive threat hunting Leveraging frameworks like MITRE ATT&CK to map adversary TTPs and assess risks To secure the role, your Cyber Threat Intelligence experience will covers: Solid understanding of CTI methodologies, threat actor TTPs More ❯

and playbooks. Identifying lessons learned to improve future incident response and detection strategies. Contribute to development of detection mechanisms for sophisticated adversarial techniques based on the MITRE ATT&CK framework. Purple Teaming and Advanced Testing Support the planning and response of purple teaming activities. Develop scenarios and artifacts that mimic real-world adversary groups for More ❯

the following technical competencies: Solid grounding in OS and network fundamentals (Linux, Windows, Mac, TCP/IP stack). Knowledge of common attack techniques and mitigations (MITRE ATT&CK, OWASP Top 10). Familiarity with scripting and automation using Python, Bash, or PowerShell. Strong understanding of Active Directory attack chains and common privilege escalation paths. More ❯

Platforms. Programming Expertise : Proficiency in Python script with a solid experience of REST APIs to develop and interact with them effectively. Framework Knowledge : Familiarity with the MITRE ATT&CK framework or equivalent, including knowledge of emerging threat actor tactics, techniques, and procedures. Operating Systems : Experience and working knowledge of both Linux and Windows platforms. Public More ❯

Platforms. Programming Expertise : Proficiency in Python script with a solid experience of REST APIs to develop and interact with them effectively. Framework Knowledge : Familiarity with the MITRE ATT&CK framework or equivalent, including knowledge of emerging threat actor tactics, techniques, and procedures. Operating Systems : Experience and working knowledge of both Linux and Windows platforms. Public More ❯

interest Digitally literate (including fluency in Microsoft Office tools) Able to understand relevant NIST frameworks and ISO27001 standards and how to apply in practice Knowledge of MITRE ATT&CK Essential qualifications for the Cyber Security Risk Consultant: We value difference and we don't have a fixed idea when it comes to background or education More ❯

levels. Expertise on AWS security controls and services. Experience leveraging coding for automation, alert enrichment and detections Knowledge of adversary tactics, techniques, and procedures (TTPs) and MITRE ATT&CK principles Hands-on experience with data analysis, modeling, and correlation at scale Operating systems internals and forensics experience for macOS, Windows & Linux Domain experience managing and More ❯

response. About you Strong experience across both offensive and defensive cyber security disciplines. Deep understanding of attacker tactics, techniques, and procedures (TTPs), with expertise in the MITRE ATT&CK Framework. Hands-on technical knowledge in cyber detection engineering, security tools, and infrastructure. Skilled in Detection-as-Code and experienced with SIEM query languages. Confident communicator More ❯

in security testing A proven track record of managing and growing high-performing teams You possess practiced competence with red teaming methodologies and experience using the MITRE ATT&CK framework for adversary simulations You're skilled in Objective-C, Go, Bash, Python, or JXA, and have knowledge of macOS C2 frameworks and hacking techniques You More ❯