Job Title - Senior Detection Engineer
Position - Hybrid/Remote with occasional travel to Welwyn Garden City
Location - London, UK
Employment - Contract
Duration - 3 Months
The Role
This is a hands-on investigative position focused on uncovering detection opportunities, analysing telemetry from diverse sources and driving threat-led content development across the detection engineering lifecycle.
You will operate at the intersection of threat intelligence, log analysis and security operations, helping to identify trends, validate behaviours and recommend high-value detections grounded in real-world context.
The role supports the full detection engineering lifecycle: modelling, data onboarding, detection opportunity identification, detection development, detection deployment, and testing/tuning.
Key Responsibilities
* Lead detection ideation based on observed telemetry patterns, threat intelligence and gap analysis
* Analyse endpoint, identity, network and cloud telemetry to uncover detection opportunities and investigative leads
* Model attack behaviours using frameworks such as MITRE ATT&CK and propose corresponding detection logic
* Support the full detection engineering lifecycle from opportunity identification and modelling through to deployment and tuning
* Collaborate with detection engineers to translate investigative insights into operational detections
* Engage with SOC teams to improve triage workflows and enhance the investigative value of alerts
* Maintain working knowledge of evolving attacker TTPs and bring that knowledge into use case development
Skills
* Strong analytical and investigative mindset with demonstrable curiosity and attention to detail
* Familiarity with common attacker techniques and MITRE ATT&CK mapping
* Hands-on experience analysing logs from Defender for Identity, DNS, Windows event logs and endpoint telemetry
* Comfortable navigating enterprise-scale environments and understanding host, user and application behaviours
* Knowledge of threat hunting methodologies and ability to articulate detection gaps clearly
* Strong written and verbal communication skills, with the ability to document investigative findings and influence detection priorities