Cyber Threat Detection Engineer Location: UK (fully remote - work from anywhere worldwide) Salary: Up to £100,000 benefits About the role We're looking for a hands-on Cyber Threat Detection Engineer to build high-fidelity detections based on real-world attacker behaviour. You'll work with global telemetry, honeypots, and deception systems to identify exploitation, develop detection pipelines, and convert threat intelligence into actionable insights. Key responsibilities Own design and operation of detection logic for live attacker activity, including zero-day and N-day exploitation Build and maintain pipelines that ingest, enrich, and correlate telemetry and threat intelligence Reduce noise, validate detections, and tune signals at scale Rapidly respond to emerging threats and translate exploitation into customer insights Produce detection research, threat reports, and mentor peers on detection standards About you 5 years in detection engineering, threat research, SOC, IR, or offensive security 3 years building production-ready detections from attacker behaviour Strong knowledge of threat intelligence, MITRE ATT&CK, exploit lifecycles, and tradecraft Hands-on experience with honeypots, deception, or large-scale telemetry Skilled in Python and familiar with OpenSearch / ELK stacks Comfortable in high-noise, fast-moving environments Why join us Fully remote role with global flexibility Work with live attacker data, not synthetic datasets High-impact, startup-style engineering culture Salary up to £100k Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if you refer somebody else who fills the role! We also offer an iPad if you refer a new client to us and we recruit for them. Follow us on Facebook - Circle Recruitment, Twitter - @Circle_Rec and LinkedIn - Circle Recruitment.