Job Description
Lead Content Detection Engineer
£50,000 to 65,000 GBP
Bonus
Hybrid Working
Location: Leeds, Yorkshire and the Humber - United Kingdom
Type: Permanent

Lead Content Detection Engineer - Leeds
Up to £65,000 + Bonus | SC Clearance Required to Start | DV Sponsorship Available

We are seeking a highly experienced Lead Content Detection Engineer to join a national security-focused Security Operations Centre (SOC) in Leeds. This is a strategic, hands-on role combining technical expertise, leadership, and operational ownership, supporting critical national infrastructure (CNI).

The Role: As the Detection Engineering Lead, you will define and deliver the strategic direction for content detection across the SOC. You will manage a small team of skilled detection engineers, fostering a culture of technical excellence, knowledge sharing, and continuous improvement. This role requires balancing operational accountability with forward-looking innovation, ensuring the delivery of world-class security detection capabilities.

Key Responsibilities:
* Lead and mentor a team of detection engineers, supporting professional development and workload management.
* Own the detection strategy and roadmap, aligning initiatives with KPIs and contractual requirements.
* Develop, optimise, and maintain high-fidelity detections using Splunk, Microsoft Sentinel, KQL, SPL, and Python for automation and Detection as Code.
* Work closely with cloud platforms (AWS and Azure) to enhance detection capabilities in hybrid environments.
* Monitor networks and leverage threat intelligence to improve detection coverage, incorporating frameworks such as MITRE ATT&CK.
* Drive service improvements and efficiency through automation, tooling, and operational innovation.
* Engage with senior stakeholders, presenting detection effectiveness, KPIs, and continuous improvement initiatives.
* Ensure operational ownership of the SOC's detection function, balancing strategic planning with day-to-day responsibilities.
Essential Skills and Experience:
* SC clearance required to start; DV sponsorship available.
* Proven expertise with Splunk and Microsoft Sentinel SIEM platforms.
* Strong programming skills in Python, with experience developing automation and Detection as Code pipelines.
* Proficiency in KQL and SPL for creating efficient, high-fidelity detections.
* Solid understanding of security detection methodologies, threat intelligence, and cloud security environments.
* Strong communication and stakeholder management skills.
* Experience in operational leadership, strategy definition, and team management.
Desirable Skills:
* Experience with Detection as Code frameworks.
* Knowledge of React or JavaScript for tooling development.
* Security certifications such as SANS, GIAC, CISSP, CCSP, or vendor-specific certifications (Splunk, AWS, Microsoft).
Work Arrangements:
* Initially 5 days per week onsite in Leeds.
* Once DV clearance is obtained, hybrid working with up to 2 days from home is possible.
Salary & Benefits:
* Competitive base salary up to £65,000 plus performance-based bonus.
* Opportunity to work on high-impact national security projects.
* Professional development and certification support.
* Chance to lead and shape the future of content detection engineering.
This is an exciting opportunity for a proactive, strategic thinker with a passion for security detection and team leadership. You will be at the forefront of protecting critical infrastructure while building a high-performing, technically excellent team.

Reference: AMC-AQU-LCEDB
Postcode: LS1