Threat-Led Detection Engineer
GBP 60K-70K (estimate) | Senior-level | Full Time
Tasks
- Collaborate with the SOC, Threat Hunting, CTI and Incident Response teams
- Design detection rules across SIEM, EDR, XDR, cloud, identity and network data sources
- Develop detections using a Detection-as-Code approach
- Document detections for analysts (intent, triage steps, known false positives)
- Integrate AI and automation into detection workflows
- Map detections to MITRE ATT&CK techniques
- Onboard and validate new log sources
- Tune detections to reduce false positives
- Use Git workflows (branches, reviews, CI) for detection content
- Validate detections using adversary emulation
- Write, test and maintain detection rules
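The task list above describes a Detection-as-Code loop: write a rule as data, map it to ATT&CK, test it against emulated adversary events, tune exceptions, and keep it under version control. The following Python is an added illustration of that loop and is not code from the posting or the employer; the rule, the event fields, the sample events and the `ccmexec.exe` tuning exception are all constructed for the example. The matcher follows Sigma's `selection and not filter` condition semantics (AND across fields, OR across the patterns of one field), and `lint` is the kind of check a CI job would run on every pull request before a rule is merged.

```python
"""Detection-as-Code in miniature: a rule kept as data, a Sigma-style matcher,
an ATT&CK-mapping lint, and a regression run over labelled sample events.
Added illustration only; rule, fields, events and the tuning exception are
constructed and hypothetical, not taken from the job posting."""
import re
from dataclasses import dataclass, field

ATTACK_ID = re.compile(r"^T\d{4}(\.\d{3})?$")  # e.g. T1059 or T1059.001


@dataclass
class Rule:
    title: str
    techniques: list        # MITRE ATT&CK technique IDs this rule covers
    selection: dict         # field -> regex list; every field must match, any regex within it
    filters: list = field(default_factory=list)  # tuning exceptions; any matching clause suppresses


def lint(rule):
    """Review-time checks a CI job would run; an empty list means the rule passes."""
    problems = []
    if not rule.techniques:
        problems.append("no ATT&CK mapping")
    problems += [f"bad technique id {t}" for t in rule.techniques if not ATTACK_ID.match(t)]
    if not rule.selection:
        problems.append("empty selection")
    return problems


def _clause_matches(event, clause):
    """Sigma-style clause: AND across fields, OR across the patterns of one field."""
    return all(
        any(re.search(pat, str(event.get(fld, "")), re.I) for pat in pats)
        for fld, pats in clause.items()
    )


def evaluate(rule, event):
    """condition: selection and not (filter_1 or filter_2 ...)."""
    if not _clause_matches(event, rule.selection):
        return False
    return not any(_clause_matches(event, f) for f in rule.filters)


def regression(rule, labelled_events):
    """Replay labelled events; return (true_positives, false_positives, false_negatives)."""
    tp = fp = fn = 0
    for expected, event in labelled_events:
        fired = evaluate(rule, event)
        tp += int(expected and fired)
        fp += int(fired and not expected)
        fn += int(expected and not fired)
    return tp, fp, fn


# Hypothetical rule: PowerShell launched with an encoded command.
ENCODED_POWERSHELL = Rule(
    title="PowerShell encoded command",
    techniques=["T1059.001", "T1027.010"],
    selection={
        "Image": [r"\\powershell\.exe$", r"\\pwsh\.exe$"],
        "CommandLine": [r"(^|\s)-(e|ec|enc|encodedcommand)\s"],
    },
    filters=[
        # Tuning exception added after triage (hypothetical): the SCCM client
        # host process is known to launch encoded PowerShell legitimately.
        {"ParentImage": [r"\\ccmexec\.exe$"]},
    ],
)

# Constructed process-creation events, labelled with whether the rule should fire.
SAMPLE_EVENTS = [
    (True, {"Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
            "CommandLine": "powershell.exe -nop -w hidden -enc SQBFAFgAIAAoAE4A",
            "ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
            "User": r"CORP\jdoe"}),
    (False, {"Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
             "CommandLine": r"powershell.exe -ExecutionPolicy Bypass -File C:\scripts\backup.ps1",
             "ParentImage": r"C:\Windows\explorer.exe",
             "User": r"CORP\jdoe"}),
    (False, {"Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
             "CommandLine": "powershell.exe -NonInteractive -EncodedCommand UwB0AGEAcgB0AA==",
             "ParentImage": r"C:\Windows\CCM\CcmExec.exe",
             "User": r"NT AUTHORITY\SYSTEM"}),
    (True, {"Image": r"C:\Program Files\PowerShell\7\pwsh.exe",
            "CommandLine": "pwsh.exe -e JABjAG8AbQBtAGEAbgBkAA==",
            "ParentImage": r"C:\Windows\System32\cmd.exe",
            "User": r"CORP\svc-build"}),
]

if __name__ == "__main__":
    assert lint(ENCODED_POWERSHELL) == [], lint(ENCODED_POWERSHELL)
    print(ENCODED_POWERSHELL.title, regression(ENCODED_POWERSHELL, SAMPLE_EVENTS))
```

In a real repository the labelled events would come from adversary-emulation runs (for example Atomic Red Team tests replayed through the EDR or SIEM pipeline) and from triaged benign hits, so that every tuning exception like the `ccmexec.exe` filter is pinned by a regression case and a later rule change cannot silently reopen the false positive or break the true positive.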
Perks/Benefits
- Annual leave
- Critical illness protection
- Cycle to work programme
- Defined contribution pension
- Dental coverage
- Electric vehicle scheme
- Employee assistance programme
- Group income protection
- Health assessments
- Hybrid working
- Life insurance
- Matched pension contributions
- Optical coverage
- Private healthcare
- Share scheme
- Volunteer day
Skills/Tech-stack
AWS | Adversary Emulation | Atomic Red Team | Automated testing | Azure | CloudTrail | CrowdStrike | Cyber Security | Detection-as-code | EDR | EQL | Elastic | Entra ID | GCP | Git | KQL | MITRE ATLAS | MITRE ATT&CK | Microsoft Defender XDR | Microsoft Sentinel | OWASP LLM Top 10 | PowerShell | Purple Teaming | Python | Red team | SIEM | SPL | Sigma | Splunk | Threat detection | XDR
Education
N/A