Back to Job Search

Senior Detection Engineer

Job Description

Join a Central Government cyber security team, with a mission to secure the department against cyber threats, protect nationwide internal IT infrastructure, and high-profile citizen-facing digital services such as GOV.UK. The  team delivers cyber threat intelligence, threat detection, incident response and vulnerability management capabilities.

Your role:
  • lead the development and maintenance of robust detection content, working with service teams across the department to understand and implement requirements
  • identify and deliver opportunities for continual improvement of the threat detection capability
  • work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities
  • develop and update internal documentation, including knowledge base articles, standards, and policies
  • act as an escalation point for, and provide coaching and mentoring to, security analysts and detection engineers
  • be responsible for leadership and line management of security analysts and detection engineers
  • Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join.

Your experience: 
  • working with SIEM tools
  • experience building, maintaining and tuning detection content using languages such as SPL
  • broader experience using common enterprise security tools such as EDR
  • an in-depth understanding of the tools, techniques and procedures used by threat actors
  • experience coaching and mentoring junior staff
  • excellent analytical and problem solving skills
  • excellent verbal and written communication skills
  • It’s desirable, but not essential, that you have:
  • experience with Splunk
  • experience working in an Agile environment
  • experience with cloud environments such as AWS