Job Title: Senior Detection Engineer
Location: Remote with occasional travel to Welwyn Garden City
Employment: Contract (3 months)
Rate : £600/Day Inside
THE ROLE
To design, develop and maintain high-quality detection logic aligned with the MITRE ATT&CK framework. The role involves close collaboration with SOC analysts, incident responders and threat intelligence teams to develop high-impact, context-rich use cases across Windows, Linux and cloud environments.
This position demands a balance of technical depth, analytical thinking and strong content development skills to ensure detections are both effective and operationally relevant.
KEY RESPONSIBILITIES
Design, develop, and maintain robust detection content aligned to MITRE ATT&CK and threat-led priorities.
Build and optimise detection queries using KQL, applying efficiency and best practices in logic construction.
Support the full detection engineering lifecycle, including modelling, data onboarding, rule development, deployment, and iterative tuning.
Collaborate with SOC and threat intelligence teams to validate alert quality, minimise false positives, and ensure operational relevance.
Maintain detection-as-code repositories in GitHub, ensuring proper version control, peer review, and documentation standards.
Document all detection content with clear context, data dependencies, and investigation guidance.
SKILLS
Strong hands-on experience with Microsoft Defender (Endpoint, Cloud, Identity) and Splunk Enterprise Security.
Proficiency in KQL and SPL, with the ability to optimise query performance and maintain clarity of logic.
Demonstrated experience with detection-as-code practices using GitHub or similar version control platforms.
Deep understanding of MITRE ATT&CK, threat actor TTPs, and translating them into detection use cases.
Familiarity with enterprise logging, data onboarding, and schema normalisation.
Working knowledge of Sentinel, Defender for Endpoint, Splunk ES, Jira, and Confluence.
Strong written communication skills for content development, documentation, and stakeholder collaboration.