1 to 25 of 136 MITRE ATT&CK Jobs in the UK excluding London

using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate incidents, and improve detection mechanisms. Conduct adversary simulation exercises to test and … minimal levels of supervision. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat Intelligence Analysis Security Analytics & Automation (SOAR, YARA Rules, Sigma Rules) Malware Analysis & Reverse Engineering Network & Endpoint Security Monitoring (EDR, IDS/IPS More ❯

using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate incidents, and improve detection mechanisms. Conduct adversary simulation exercises to test and … operations or on call. Threat Hunting & Detection (IOC & IOA Analysis, TTP Profiling, Cyber Kill Chain) SIEM Fine-Tuning & Optimisation (QRadar, Splunk, Sentinel, ArcSight) Incident Response & Forensics (MITRE ATT&CK, DFIR, Log Analysis) Threat Intelligence Analysis Security Analytics & Automation (SOAR, YARA Rules, Sigma Rules) Malware Analysis & Reverse Engineering Network & Endpoint Security Monitoring (EDR, IDS/IPS More ❯

Digital Forensics, Incident Response, or Ethical Hacking (e.g., GCIH, CEH, GCFE, GCFA, and CFCE). Knowledge of main concepts related to the Incident Response Life Cycle, MITRE ATT&CK Framework, Cyber Kill Chain, and other cybersecurity frameworks. High-level understanding of common intrusion methods and cyber-attack tactics, techniques, and procedures (TTPs), and common industry More ❯

. Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ). Skilled in incident response and threat intelligence analysis . Familiarity with Mitre Att&ck framework and advanced threat detection techniques. Excellent analytical and problem-solving capabilities. Able to provide mentorship and leadership within a SOC team. Desirable (Nice-to-Have … SIEM platforms ( Microsoft Sentinel , Splunk ). Leading incident response and driving improvements in detection and containment strategies. Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck . Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre . Staying abreast of cyber threat developments and contributing to More ❯

Sentinel and Splunk Solid understanding of network protocols and infrastructure (e.g. TCP/IP , VPNs , firewalls ) Skilled in incident response and threat intelligence analysis Familiarity with Mitre Att&ck framework and advanced threat detection techniques Excellent analytical and problem-solving capabilities Able to provide mentorship and leadership within a SOC team Desirable (Nice-to-Have … advanced SIEM platforms ( Microsoft Sentinel , Splunk ) Leading incident response and driving improvements in detection and containment strategies Tuning and maintaining detection rules, using threat frameworks like Mitre Att&ck Collaborating with colleagues to enhance the overall capability and resilience of the Security Operations Centre Staying abreast of cyber threat developments and contributing to best practices More ❯

Cryptography, End User Computing, IAM, PKI, Server hardening, SIEM, SOAR, virtualisation (VMware) Participate in pre-sales tasks and perform ongoing support of delivery collateral. Familiarity with MITRE ATT&CK Familiarity with ITIL Who we are: We're a business with a global reach that empowers local teams, and we undertake hugely exciting work that is More ❯

Summary Threat Detection and Monitoring: Design, build, and own a formal threat hunting program with a strong emphasis on hypothesis-based hunting methodologies. Use threat intelligence, MITRE ATT&CK, and risk models to form hypotheses and validate them through structured hunts. Leverage Jupyter Notebooks and other tools to automate hunts, visualise results, and create reusable … have 3-5+ years of hands-on experience in Threat Hunting, Red Team, Blue Team, or Incident Response roles, with a deep understanding of the MITRE ATT&CK framework and a proven ability to detect and investigate advanced threats beyond signature-based solutions. Adept at leveraging Splunk for data analysis and detection development, they … you Minimum Requirements Minimum 3-5 + years of experience within a Threat Hunter, Red Team, Incident Response, or Blue Team role. Solid understanding of the MITRE ATT&CK framework, TTP analysis, and adversary emulation. Deep familiarity with hypothesis-driven threat hunting frameworks and methodologies. Ability to work autonomously while collaborating across security, engineering, and More ❯

of adversary presence within enterprise environments using threat intelligence, telemetry, and hypothesis-driven methods. Design and execute structured threat hunting playbooks based on known TTPs (e.g., MITRE ATT&CK) and emerging threats, enabling consistent, repeatable hunts. Develop code-based playbooks (e.g., Jupyter Notebooks or Python scripts) that integrate threat intelligence, log sources, and detection logic … PowerShell/Bash are a plus. Understanding of DevOps, git. * . * * Analytical Skills - Strong knowledge of threat actor tactics, techniques, and procedures (TTPs) and frameworks like MITRE ATT&CK , Kill Chain, and Diamond Model. Proficiency with SIEM tools (e.g., Splunk, ELK), threat intelligence platforms (e.g., MISP, ThreatConnect), and endpoint detection tools (e.g., EDR/XDR More ❯

gather and report threat intelligence, update detection rules and response playbooks, and collaborate across teams to improve security. You ll also track threat actor tactics using MITRE ATT&CK and assist with incident response and reviews. Key skills required: • 3+ years of experience in Security Operations, Threat Intelligence, or Incident Response roles • Proficient in analyzing More ❯

penetration testing, and incident response Requirements for this role: 3+ years' experience in a senior cyber security role Strong knowledge of security frameworks (NIST, NCSC, CIS, MITRE ATT&CK) Hands-on experience with security tools: SIEM, IDS/IPS, firewalls, endpoint protection Expertise in Azure security and securing cloud platforms A solid understanding of vulnerabilities More ❯

of SIEM, XDR, EDR, vulnerability management, firewalls, and network security. Hands-on experience in security control implementation and maintenance (e.g. ISO27001, Cyber Essentials). Familiarity with MITRE ATT&CK, incident response methodologies, and penetration testing. Experience in risk management, vendor security assessments, and compliance. Understanding of UK regulations, including Cyber Essentials, ISO27001, NIST CSF, and More ❯

and effective detection capabilities. Key Responsibilities Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms. Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance. Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness. Use Detection-as-Code … content (e.g. SIEM rules, correlation searches and detection-as-code signatures) to proactively identify malicious behaviour and improve threat visibility and reduce false positives Familiarity with MITRE ATT&CK framework and threat detection lifecycle. More ❯

line management to SOC Analysts Enhancing team knowledge across SOC tooling, detection methodologies, and threat triage Analyzing and optimizing detection rules and use cases based on MITRE ATT&CK Maintaining detailed and up-to-date incident documentation, findings, and mitigation strategies Acting as a representative of the SOC in key meetings and internal stakeholder engagements … a Security Operations Centre (SOC) environment Qualified at SOC Level 2 Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the MITRE ATT&CK Framework for detection and threat analysis Experience of static malware analysis and reverse engineering (desirable) Scripting or programming with Python, Perl, Bash, PowerShell or C++ (desirable More ❯

Engineering, Compliance and AI teams to integrate security tooling and sophisticated security capabilities into business-critical systems. Define frameworks and standards aligned with industry standards (NIST, MITRE ATT&CK) and semiconductor-specific regulatory requirements including export control and SoX compliance. Drive innovation by utilising AI and machine learning technologies to enhance threat detection, incident response … Proven expertise in cloud security architecture and deployments, particularly in AWS, Azure, and/or Google Cloud Platform. Solid understanding of security frameworks such as NIST, MITRE ATT&CK, and relevant semiconductor industry standards. Excellent leadership skills with a track record of building and managing high-performing technical teams. Exceptional interpersonal skills with the ability More ❯

with Microsoft Sentinel, including KQL, custom analytic rules, and automation. Hands-on experience with Microsoft Defender for Endpoint, Identity, and Office 365. Strong knowledge of the MITRE ATT&CK framework, threat intelligence, and adversary TTPs. Solid understanding of Windows, Linux, and core network security principles. Skilled in incident response, digital forensics, and proactive threat hunting. More ❯

corners - is hiring a Cyber Security Operations Engineer . If you're the kind of person who spots anomalies before SIEM alerts even pop, talks in MITRE ATT&CK when stressed, and dreams in hex - we want to hear from you. You’ll report to the Cyber Security Operations Manager and be part of the More ❯

trenches and know what it takes to stay ahead of threat actors. Ideally, you bring: Hands-on experience with SIEM platforms , especially Splunk. Strong familiarity with MITRE ATT&CK , intrusion detection/prevention systems, and malware behaviour. Confidence in network traffic analysis (PCAP, NetFlow) and endpoint forensics. The ability to explain technical risk in plain More ❯

You should also: Have some knowledge in securing Continuous Integration/Continuous Deployment and associated practices Understand current attack tactics, techniques and procedures along with the use of MITRE Attack framework, as well as other more recent MITRE initiatives Be inquisitive, have a passion for what you do and understanding how your work impacts and contributes More ❯

interface at the highest level and exhibit good verbal, written and presentation skills. Experience of working within key Cyber Security principles and standards (ISO 27001, NIST, Cyber Essentials, MITRE). [i] Experience working in a customer-facing role desirable. You should have experience in managing team driven workloads. Demonstrable experience driving continuous improvement initiatives. Benefits & culture At Zellis More ❯

DevSecOps, IaC (Terraform), CI/CD pipelines, and tools like Veracode, Trivy, and Checkov. Familiarity with standards such as CIS, NIST, GDPR, ISO and frameworks like MITRE ATT&CK. Strong programming/scripting skills (Python, Go, Groovy) with a clean, secure coding ethos. Ideal Candidate Profile: Expert in Azure cloud security services (Defender for Cloud, Azure Sentinel More ❯

DevSecOps, IaC (Terraform), CI/CD pipelines, and tools like Veracode, Trivy, and Checkov. Familiarity with standards such as CIS, NIST, GDPR, ISO and frameworks like MITRE ATT&CK. Strong programming/scripting skills (Python, Go, Groovy) with a clean, secure coding ethos. Ideal Candidate Profile: Expert in Azure cloud security services (Defender for Cloud, Azure Sentinel More ❯

DevSecOps, IaC (Terraform), CI/CD pipelines, and tools like Veracode, Trivy, and Checkov. Familiarity with standards such as CIS, NIST, GDPR, ISO and frameworks like MITRE ATT&CK. Strong programming/scripting skills (Python, Go, Groovy) with a clean, secure coding ethos. Ideal Candidate Profile: Expert in Azure cloud security services (Defender for Cloud, Azure Sentinel More ❯

skills and experiences: Experience of working within Security Operations or equivalent roles Demonstrable leadership in Operational Management Experience in the application of relevant industry standard frameworks (MITRE ATT&CK/D3FEND/ENGAGE etc.) in an operational environment A good level of knowledge and proficiency in the use of SIEM platforms, tools and analytical techniques. More ❯

Operations Centre (SOC) environment Previous people management or line management experience Strong familiarity with SIEM platforms including Microsoft Sentinel and Splunk Knowledge and use of the Mitre Att&ck Framework for detection and threat analysis In-depth understanding of: Client-server applications and multi-tier web environments Relational databases , firewalls , VPNs , enterprise AntiVirus solutions Networking … capability and supporting career progression Enhancing team knowledge across SOC tooling , detection methodologies , and threat triage Analysing and optimising detection rules and use cases based on Mitre Att&ck Maintaining detailed and up-to-date incident documentation , findings, and mitigation strategies Acting as a representative of the SOC in key meetings and internal stakeholder engagements More ❯

investigate security alerts impacting critical infrastructure. Perform detailed analysis of logs, network traffic, and system events. Support development and improvement of detection use cases aligned with MITRE ATT&CK. Oversee incident documentation, reporting, and remediation advice. Represent the SOC in partner and stakeholder meetings. Contribute to SOC process improvement, skills development, and knowledge sharing. Skills/Must … Have: Strong experience working in a SOC environment. Proven team leadership or people management experience. Expertise in Microsoft Sentinel and Splunk. Familiarity with the MITRE ATT&CK framework. Sound understanding of network protocols (TCP/IP, SMTP, etc.), firewalls, VPNs, AV products, and enterprise infrastructure. It would be great if you had: Skills in malware More ❯