Senior Detection & Response Engineer
Cambridgeshire Based - 1-2 days a week on site
We are looking for a highly experienced Senior Detection & Response Engineer to join our client's growing security team. In this critical role, you'll be instrumental in developing a best-in-class incident response function, leading investigations into complex security events, and building scalable detection and response capabilities across the organisation.
This is an exciting opportunity to work at the heart of a modern security operation - building the tools, automation, and processes that enable the business to detect, respond to, and learn from security threats effectively.
What You'll Be Doing:
Investigate and respond to security events with clarity and precision; triage, analyse, and manage incidents from end to end
Develop and improve detection and response processes, technologies, and work flows
Design and implement tools to collect and analyse security telemetry from cloud environments
Automate security workflows to enhance detection accuracy and reduce response time
Build and fine-tune detection rules to focus efforts on high-fidelity alerts
Create and maintain runbooks and incident response playbooks
Lead proactive threat hunting and incorporate findings into defensive measures
Develop custom scripts and detection logic for advanced monitoring
Collaborate cross-functionally with engineering and product teams to strengthen the security posture
Continuously enhance detection capabilities, playbooks, and incident response processes
What We're Looking For:
Proven experience in security engineering, incident response, and threat hunting within cloud-first environments
Deep understanding of offensive security and real-world attack scenarios
Demonstrated experience leading complex investigations involving multiple stakeholders
Expertise in AWS security controls and cloud-native security services
Proficient in coding/scripting for automation, alert enrichment, and custom detections
Familiarity with adversary TTPs and the MITRE ATT&CK framework
Experience with endpoint forensics, malware analysis, and security event correlation
Hands-on experience with SIEM and SOAR platforms
Solid understanding of operating system internals (macOS, Windows, Linux)
Experience with security in a SaaS environment and working closely with engineering teams
Background in using DevOps toolsets and programming languages for building security tools
Ability to lead projects independently and deliver results with minimal supervision
If you are interested and looking for a new role, please apply with a copy of your CV or email (url removed)