Salary: £100,000 - 100,000 per year

Requirements:
- 5 years in detection engineering, threat research, SOC, IR, or offensive security
- 3 years building production-ready detections from attacker behaviour
- Strong knowledge of threat intelligence, MITRE ATT&CK, exploit lifecycles, and tradecraft
- Hands-on experience with honeypots, deception, or large-scale telemetry
- Skilled in Python and familiar with OpenSearch / ELK stacks
- Comfortable in high-noise, fast-moving environments

Responsibilities:
- Own design and operation of detection logic for live attacker activity, including zero-day and N-day exploitation
- Build and maintain pipelines that ingest, enrich, and correlate telemetry and threat intelligence
- Reduce noise, validate detections, and tune signals at scale
- Rapidly respond to emerging threats and translate exploitation into customer insights
- Produce detection research, threat reports, and mentor peers on detection standards

Technologies:
- OpenSearch
- ELK
- Python
- Security

More:
We are looking for a hands-on Cyber Threat Detection Engineer to build high-fidelity detections based on real-world attacker behaviour. This role is fully remote, allowing you to work from anywhere worldwide. We offer a salary of up to £100,000 and a high-impact, startup-style engineering culture where you will work with live attacker data rather than synthetic datasets.

Last updated: week 5 of 2026