1 to 25 of 26 Remote MITRE ATT&CK Jobs in the UK excluding London

operations and triage. Prepare reports for managed clients to both technical and non-technical audiences. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Represent the SOC within Stakeholders meetings. Ability to work in a hybrid approach from home and our Gosport office location. What youll … Experience in Security Operations Centre. People management experience to help develop Analysts and lead careers. Experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid ability to lead teams while staying hands-on with security operations. Strong influencing skills and ability to persuade others, with a broad understanding of More ❯

operations and triage. Prepare reports for managed clients to both technical and non-technical audiences. Analyse and improve detection rules and use cases in line with Mitre Att&ck and threat-informed defence. Represent the SOC within Stakeholders meetings. Ability to work in a hybrid approach from home and our Gosport office location. What you … Experience in Security Operations Centre. People management experience to help develop Analysts and lead careers. Experience of using Microsoft Sentinel and Splunk. Knowledge and experience with Mitre Att&ck Framework. Solid ability to lead teams while staying hands-on with security operations. Strong influencing skills and ability to persuade others, with a broad understanding of More ❯

architecture for service mesh deployments across Kubernetes and containerised platforms. Conduct risk assessments and develop mitigation strategies for identified vulnerabilities. Create detailed threat models aligned to MITRE ATT&CK and STRIDE frameworks. Design and review secure API gateway patterns using IBM DataPower. Lead implementation of Zero-Trust , mTLS, RBAC and policy enforcement within service mesh … designing secure architectures for hybrid/multi-cloud environments. Strong background in Zero-Trust , microservices security, and containerised platforms. Experienced in building bespoke threat models using MITRE ATT&CK & STRIDE . Ability to assess security elements of solution designs, constructively challenge, and drive secure outcomes. If you are interested or would like to know more More ❯

Digital Forensics, Incident Response, or Ethical Hacking (e.g., GCIH, CEH, GCFE, GCFA, and CFCE). Knowledge of main concepts related to the Incident Response Life Cycle, MITRE ATT&CK Framework, Cyber Kill Chain, and other cybersecurity frameworks. High-level understanding of common intrusion methods and cyber-attack tactics, techniques, and procedures (TTPs), and common industry More ❯

and passion for problem solving and continuous improvement Desirable Experience • Experience with SOAR platforms such as Microsoft Sentinel Automation, Cortex XSOAR or Splunk SOAR • Knowledge of MITRE ATT&CK mapping and detection engineering frameworks • Experience using Infrastructure as Code such as Terraform, Bicep or ARM templates • Integration experience with ServiceNow or ITSM tools • Exposure to More ❯

for Endpoint, Identity, Cloud Apps, and Office 365 Microsoft Entra ID (Azure AD) Microsoft Purview (compliance and data protection) Strong knowledge of attacker tactics and techniques (MITRE ATT&CK). Experience in digital forensics and malware analysis. Understanding of CNI or energy/utility environments. Proficiency in scripting/automation (KQL, PowerShell, Python). Excellent More ❯

sharing What You’ll Bring 2 to 4 years of experience in a SOC, CSIRT or cyber defence environment Strong understanding of attack methodologies such as MITRE ATT&CK and the Cyber Kill Chain Hands on experience with SIEM and EDR tools including Microsoft Sentinel, Defender, Splunk or CrowdStrike Experience with triage, containment and incident More ❯

Science, or equivalent experience. Proven experience within a SOC (Security Operations Centre) or NOC (Network Operations Centre). Strong understanding of incident response methodologies and the MITRE ATT&CK framework. Experience using SIEM, IDS/IPS, vulnerability scanners, and Azure security tools. Technical expertise in Microsoft Defender, EDR (Endpoint Detection and Response), and network architecture. More ❯

or similar role (preferably in MSP/MSSP). Hands-on experience with SIEM, EDR, IDS/IPS, firewalls, and incident response. Familiarity with frameworks like MITRE ATT&CK, NIST, CIS, or ISO 27001. Degree in IT security, or relevant professional Certifications or practical experience. Basic scripting skills (Python, PowerShell, or Bash) are a plus. More ❯

CEH, CASP+, or SIEM-specific training. Strong knowledge of SIEM, SOAR, EDR, IDS/IPS, NAC, DLP, and related security technologies. Familiarity with frameworks such as MITRE ATT&CK, NIST, CIS, and ISO/IEC 27001/27002. Hands-on experience with tools such as FortiSIEM, Q-Radar, Microsoft Defender, Darktrace, Microsoft Sentinel, or similar More ❯

critical assets remain secure Manage supplier relationships, report on control effectiveness, and support compliance with ISO 27001, GDPR, and Cyber Essentials Plus Technology NIST, CIS, NCSC, Mitre Att&ck, Security Scorecard, M365/Azure Security Center Azure Security Center, SIEM, Defender ATP, M365 Security, Data Compliance and Governance, PIM & PAM Zscaler (ZTNA), Darktrace, Firewalls, NAC More ❯

Write and fine-tune Kusto Query Language (KQL) queries to analyse and visualise raw security data. Integrate third-party tools (firewalls, IAM, telemetry) into Sentinel. Use MITRE ATT&CK to anticipate and counter adversarial activity. Apply cost-optimisation principles (data tiering, filtering). Collaborate with security architects to improve internal policies and ISO 27001 alignment. More ❯

vulnerability scanning. Understanding of IT and cyber security frameworks, standards, and regulations (examples: ISO27001, NIS2, GDPR, and CAF). Understanding of the Cyber Kill Chain and MITRE ATT&CK frameworks. Ability to collaborate effectively with various internal and external stakeholders. Relevant certifications such as Microsoft Security Operations Analyst (SC-200) or Azure Security Engineer (AZ More ❯

vulnerability scanning. Understanding of IT and cyber security frameworks, standards, and regulations (examples: ISO27001, NIS2, GDPR, and CAF). Understanding of the Cyber Kill Chain and MITRE ATT&CK frameworks. Ability to collaborate effectively with various internal and external stakeholders. Relevant certifications such as Microsoft Security Operations Analyst (SC-200) or Azure Security Engineer (AZ More ❯

etc.). Understanding of Azure/AWS cloud and network fundamentals. Desirable: Experience with SOAR tools or Infrastructure-as-Code (Terraform, Bicep, ARM). Knowledge of MITRE ATT&CK mapping or threat detection frameworks. What’s in it for you: Flexible hybrid working, paid certifications, great progression into consultancy or leadership, and a genuinely collaborative More ❯

2nd line or similar). Strong hands-on experience in threat investigation, log analysis, and remediation . Good understanding of common security frameworks and practices (e.g., MITRE ATT&CK, NIST, ISO 27001). Familiarity with a range of security tools and platforms – experience with Microsoft Sentinel is desirable but not essential. Excellent communication skills – able More ❯

You’ll Do: Lead red team activities: penetration testing, threat emulation, resilience validation Support blue team functions: architecture, compliance, monitoring, incident response Develop attack scenarios using MITRE ATT&CK for ICS Conduct risk assessments and support standards like IEC 62443 & NIST SP800-82 Collaborate with stakeholders and contribute to training, reporting, and continuous improvement ✅ What More ❯

high-volume, real-world attack telemetry. 2+ years' experience specifically in a Threat Intelligence function. Familiarity with threat actor tracking, vulnerability databases, and frameworks such as MITRE ATT&CK . Strong data analysis skills, ideally using the ELK stack (OpenSearch, Logstash, Kibana) . Intermediate proficiency in Python , capable of automating workflows and developing custom analysis More ❯

tooling, methodology, and lab development Required Skills & Experience 3+ years' experience in red teaming, offensive security, or advanced penetration testing Strong knowledge of attacker frameworks (e.g., MITRE ATT&CK, NIST adversary simulation guidelines) Highly proficient with red team tools and techniques (e.g., Cobalt Strike, Mimikatz, Sliver, BloodHound, Metasploit etc.) Hands-on experience with Active Directory More ❯

experience in threat modelling complex infrastructures. Strong background in operational security (e.g., Threat Hunting, Red Team, or Intelligence). Familiarity with threat modelling frameworks (STRIDE, PASTA, MITRE ATT&CK, etc.). Knowledge of secure design principles and architecture reviews. Exposure to telecoms environments is highly desirable. Ability to work independently and meet tight deadlines. If More ❯

KQL queries, where efficiencies can be gained, best practices and how to build detection logic Highly proficient in Splunk to at least Power User level Good understanding of Mitre Attack framework and experience of referencing and building content to the framework. Familiar with GitHub technologies and CI/CD practices. Good enterprise level understanding of Windows and Linux More ❯

KQL queries, where efficiencies can be gained, best practices and how to build detection logic Highly proficient in Splunk to at least Power User level Good understanding of Mitre Attack framework and experience of referencing and building content to the framework. Familiar with GitHub technologies and CI/CD practices. Good enterprise level understanding of Windows and Linux More ❯

KQL queries, where efficiencies can be gained, best practices and how to build detection logic Highly proficient in Splunk to at least Power User level Good understanding of Mitre Attack framework and experience of referencing and building content to the framework. Familiar with GitHub technologies and CI/CD practices. Good enterprise level understanding of Windows and Linux More ❯

KQL queries, where efficiencies can be gained, best practices and how to build detection logic Highly proficient in Splunk to at least Power User level Good understanding of Mitre Attack framework and experience of referencing and building content to the framework. Familiar with GitHub technologies and CI/CD practices. Good enterprise level understanding of Windows and Linux More ❯

KQL queries, where efficiencies can be gained, best practices and how to build detection logic Highly proficient in Splunk to at least Power User level Good understanding of Mitre Attack framework and experience of referencing and building content to the framework. Familiar with GitHub technologies and CI/CD practices. Good enterprise level understanding of Windows and Linux More ❯