12 of 12 MITRE ATT&CK Jobs in the West Midlands

log parsing, and agent deployment. Detection Engineering & Threat Rules: Develop and tune custom detection rules using ESQL, EQL, and Lucene syntax to identify malicious activity. Use MITRE ATT&CK-aligned techniques and contribute to the design of the detection roadmap. Create and maintain bespoke investigation guides to assist SOC analysts in conducting triage and escalation. … during client interactions and project reviews. Desirable Skills and Experience Prior experience in Defence, Government, or Critical National Infrastructure environments. Familiarity with security frameworks such as MITRE ATT&CK, NIST CSF, or ISO 27001 including how to map TTP's to Rule coverage. Experience with SOAR or SIEM enrichment tools (e.g., TheHive, MISP, Cortex). More ❯

by Elastic Security and validate detection accuracy. Tune and optimise existing Elastic SIEM detection rules to improve fidelity and reduce false positives. Map detections to the MITRE ATT&CK framework and identify coverage gaps. Produce clear detection reports, tuning documentation, and analysis summaries. Collaborate with SOC analysts, incident responders, and security engineering teams. Required Skills … with Elastic Security/Elastic SIEM, Kibana, and Elasticsearch queries (EQL/KQL) . Strong understanding of detection logic, alert tuning, and threat behaviours. Familiarity with MITRE ATT&CK. Strong written communication skills for reporting and documentation. Nice to Have Experience in SOC, detection engineering, or threat hunting. Exposure to common log types (endpoint, network, cloud). More ❯

and executing security assessments and incident response exercises in OT/ICS environments Developing and implementing attack scenarios and detection use cases using frameworks such as MITRE ATT&CK for ICS Performing vulnerability assessments, threat modelling and attack path analysis to identify and address security weaknesses Supporting risk assessments and compliance against standards such as More ❯

OpenTelemetry, and scripting. Security Use Cases & Threat Detection Build and maintain SIEM use cases, alerts, and dashboards for threat detection. Map detection rules to frameworks like MITRE ATT&CK, STRIDE, and NIST CSF. Collaborate with SOC teams to refine incident response workflows. Governance & Compliance Align SIEM architecture with Secure by Design and Zero Trust principles. More ❯

.- Knowledge of security compliance, including access controls, authentication, and encryption using Elastic Security features.- Ability to create, test, and optimise detection rules based on the MITRE ATT&CK Framework.- Experience in performance tuning with Elasticsearch and Logstash, including monitoring Logstash pipelines.- Proficiency in using Kibana for data visualisation and monitoring. Advantageous:- Familiarity with offensive More ❯

experience in threat modelling complex infrastructures. Strong background in operational security (e.g., Threat Hunting, Red Team, or Intelligence). Familiarity with threat modelling frameworks (STRIDE, PASTA, MITRE ATT&CK, etc.). Knowledge of secure design principles and architecture reviews. Exposure to telecoms environments is highly desirable. Ability to work independently and meet tight deadlines. If More ❯

of the Elastic Stack (ELK) , with a focus on Elastic Security . Detection & Compliance Expert: Proven ability to engineer high-fidelity detection rules based on the MITRE ATT&CK Framework , alongside implementing essential security controls like RBAC, encryption , and data governance to ensure regulatory compliance. Performance & Tuning Specialist: Deep technical skill in fine-tuning Elasticsearch More ❯

reviews. Strong background in cybersecurity, ideally with exposure to telecoms environments. Background in operational security (Intelligence, Threat Hunting or Red Team) Familiarity with threat modelling frameworks, (MITRE ATT&CK, STRIDE, PASTA etc) Ability to drive work to tight timescales and deadlines. Ability to work independently and manage priorities in a dynamic environment. All profiles will More ❯

reviews. Strong background in cybersecurity, ideally with exposure to telecoms environments. Background in operational security (Intelligence, Threat Hunting or Red Team) Familiarity with threat modelling frameworks, (MITRE ATT&CK, STRIDE, PASTA etc) Ability to drive work to tight timescales and deadlines. Ability to work independently and manage priorities in a dynamic environment. All profiles will More ❯

reviews. * Strong background in cybersecurity, ideally with exposure to telecoms environments. * Background in operational security (Intelligence, Threat Hunting or Red Team) * Familiarity with threat modelling frameworks, (MITRE ATT&CK, STRIDE, PASTA etc) * Ability to drive work to tight timescales and deadlines. * Ability to work independently and manage priorities in a dynamic environment. What you need More ❯

reviews. * Strong background in cybersecurity, ideally with exposure to telecoms environments. * Background in operational security (Intelligence, Threat Hunting or Red Team) * Familiarity with threat modelling frameworks, (MITRE ATT&CK, STRIDE, PASTA etc) * Ability to drive work to tight timescales and deadlines. * Ability to work independently and manage priorities in a dynamic environment. What you need More ❯

solid background in cybersecurity, ideally with exposure to telecoms environments.Experience in operational security (Intelligence, Threat Hunting, or Red Team).Familiarity with threat modelling frameworks such as MITRE ATT&CK, STRIDE, or PASTA.Ability to drive work to tight timescales and meet deadlines.Demonstrated ability to work independently and manage priorities in a dynamic environment. If you are More ❯