
Security & Detection Engineering Manager

Job in Abu Dhabi, UAE/Dubai
Listing for: Visionary Tech Services
Full Time position
Listed on 2026-03-05
Job specializations:
  • Engineering
    Systems Engineer, Cybersecurity
  • IT/Tech
    Systems Engineer, Cybersecurity
Salary/Wage Range or Industry Benchmark: 120,000 - 200,000 AED yearly
Job Description & How to Apply Below
  • Define detection engineering competency framework.
  • Establish certification roadmap (Elastic, Microsoft, Google).

The Security & Detection Engineering Manager is responsible for owning and leading the detection engineering and security platform strategy across a multi-SIEM, multi-tenant MSSP environment.

This role governs detection architecture, ATT&CK coverage, platform interoperability, multi-tenant isolation, cost engineering, quality assurance and automation governance across a hybrid tooling environment.

Requirements

Detection Strategy & Architecture
  • Define and maintain a 12-24 month Detection Engineering Roadmap.
  • Own adversary-aligned detection strategy mapped to MITRE ATT&CK.
  • Establish detection maturity targets per platform and service tier.
  • Maintain a centralized detection content abstraction model (e.g., Sigma/internal DSL).
  • Govern detection lifecycle: design → validation → deployment → tuning → retirement.
  • Prevent detection sprawl and duplication across platforms.

MITRE ATT&CK Coverage Governance
  • Maintain formal ATT&CK coverage matrix.
  • Track and report coverage percentage by tactic and technique.
  • Conduct quarterly coverage gap analysis.
  • Validate detection coverage through simulation and adversary emulation exercises.
  • Produce ATT&CK coverage reporting for executive leadership and audit functions.

Multi-Tenant Detection Governance
  • Define detection inheritance and baseline models across tenants.
  • Govern tenant-level tuning while preserving engineering consistency.
  • Enforce strict cross-tenant rule isolation and data scoping controls.
  • Maintain metadata-only forwarding controls where required for sovereignty models.
  • Prevent cross-tenant configuration contamination.
  • Maintain version control and tenant-level detection lineage.

Platform Interoperability & Schema Governance
  • Own cross-platform detection portability strategy.
  • Govern schema alignment across a multi-SIEM environment.
  • Define translation and normalisation pipelines.
  • Ensure detection parity across supported platforms.
  • Govern ingestion mapping and telemetry integrity.

Cost Engineering & Optimisation
  • Own ingestion efficiency model and cost per GB governance.
  • Monitor cost per alert generated.
  • Optimise:
    Retention tiers (hot/warm/cold), query performance, rule execution frequency.
  • Define and track detection efficiency (signal-to-noise ratio).
  • Contribute to platform licensing and cost optimisation decisions.

Detection Quality Assurance Framework
  • Establish formal Detection QA process including:
    Peer review prior to deployment, pre-production validation environment, false positive regression testing, simulation-based testing.
  • Implement detection health scoring system.
  • Track detection decay and stale logic.
  • Maintain detection change traceability.

Continuous Service Improvement
  • Establish structured SOC-to-Engineering feedback loop.
  • Conduct regular analyst review sessions.
  • Track false positive patterns and alert fatigue metrics.
  • Maintain closed-loop improvement tracking.
  • Continuously improve detection fidelity and SOC effectiveness.
  • Conduct post-incident detection and control gap analysis.

Automation & Response Engineering Governance
  • Govern SOAR and response automation across platforms.
  • Define tiered automation model (manual / assisted / autonomous).
  • Establish human-in-the-loop controls for high-risk actions.
  • Enforce automation regression testing and version control.
  • Monitor automation success and failure rates.

Preventative Control Operationalisation & Validation
  • Implement Security Architect-approved hardening baselines (CIS-aligned).
  • Operationalise secure configuration standards across:
    Endpoints, identity platforms, cloud environments, network security controls.
  • Monitor configuration drift and control degradation.
  • Integrate preventative control telemetry into SIEM and detection pipelines.
  • Validate control effectiveness using detection and incident data.
  • Provide structured feedback to the Security Architect on control performance gaps.
  • Support exposure reduction initiatives through engineering execution.

Compliance & Audit Evidence Ownership
  • Maintain full audit…
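Several of the responsibilities above (ATT&CK coverage percentage by tactic, detecting rule sprawl across platforms, and a detection health score that tracks signal-to-noise and stale logic) are mechanical once the catalogue is kept in a Sigma-like abstraction. The script below is an added example written for this listing, not code from the employer or any product named above. The ATT&CK subset, the rule catalogue and the triage outcomes are constructed inline so it runs offline; a real run would load the full ATT&CK matrix from MITRE's release and the rules from the team's own repository.

```python
"""Detection catalogue metrics over a Sigma-like rule set (added example):
ATT&CK coverage per tactic, duplicate-rule (sprawl) candidates, and a
per-rule health score built from triage outcomes."""
import re
from collections import defaultdict
from datetime import date

# Constructed subset of ATT&CK (tactic -> technique IDs). Not the full matrix.
ATTACK_SUBSET = {
    "execution": ["T1059.001", "T1059.003", "T1204.002"],
    "persistence": ["T1053.005", "T1547.001"],
    "credential-access": ["T1003.001", "T1110.003"],
}

# Constructed rule catalogue. Tags carry the ATT&CK mapping in the usual
# Sigma convention: attack.<tactic> plus attack.t<technique>.
RULES = [
    {"id": "r-001", "title": "PowerShell encoded command", "status": "production",
     "tags": ["attack.execution", "attack.t1059.001"],
     "logsource": "windows/process_creation", "platforms": ["elastic", "sentinel"]},
    {"id": "r-002", "title": "PowerShell encoded command (tenant fork)", "status": "production",
     "tags": ["attack.execution", "attack.t1059.001"],
     "logsource": "windows/process_creation", "platforms": ["sentinel"]},
    {"id": "r-003", "title": "Scheduled task creation", "status": "production",
     "tags": ["attack.persistence", "attack.t1053.005"],
     "logsource": "windows/process_creation", "platforms": ["elastic"]},
    {"id": "r-004", "title": "LSASS memory access", "status": "deprecated",
     "tags": ["attack.credential-access", "attack.t1003.001"],
     "logsource": "windows/sysmon", "platforms": ["elastic"]},
]

# Constructed triage outcomes for one rule over the last review window.
OUTCOMES = {"r-002": {"true_positive": 3, "false_positive": 27,
                      "last_fired": date(2026, 2, 1)}}
TODAY = date(2026, 3, 5)  # review date, matching the listing date

TECH_TAG = re.compile(r"attack\.(t\d{4}(?:\.\d{3})?)$")


def techniques_of(rule):
    """Technique IDs (T1234 or T1234.001) referenced by a rule's attack.* tags."""
    return {m.group(1).upper() for t in rule["tags"] if (m := TECH_TAG.match(t))}


def coverage_by_tactic(rules, matrix=ATTACK_SUBSET, active_only=True):
    """Per tactic: how many techniques have at least one (production) rule."""
    covered = set()
    for r in rules:
        if active_only and r["status"] != "production":
            continue  # deprecated/draft rules do not count toward coverage
        covered |= techniques_of(r)
    report = {}
    for tactic, techs in matrix.items():
        hit = [t for t in techs if t in covered]
        report[tactic] = {"covered": len(hit), "total": len(techs),
                          "pct": round(100 * len(hit) / len(techs), 1)}
    return report


def find_sprawl(rules):
    """Rules that watch the same technique on the same log source.
    These are duplication candidates to merge or to justify as tenant forks."""
    groups = defaultdict(list)
    for r in rules:
        for t in techniques_of(r):
            groups[(t, r["logsource"])].append(r["id"])
    return {k: ids for k, ids in groups.items() if len(ids) > 1}


def health_score(outcomes, today=TODAY, stale_after_days=30):
    """Health of one rule: precision (signal-to-noise) and a staleness flag
    for logic that has not fired within the review window (detection decay)."""
    tp, fp = outcomes["true_positive"], outcomes["false_positive"]
    fired = tp + fp
    precision = tp / fired if fired else 0.0
    days_quiet = (today - outcomes["last_fired"]).days
    return {"precision": round(precision, 3), "fired": fired,
            "days_since_fired": days_quiet,
            "stale": days_quiet > stale_after_days}


if __name__ == "__main__":
    for tactic, row in coverage_by_tactic(RULES).items():
        print(f"{tactic:<18} {row['covered']}/{row['total']} ({row['pct']}%)")
    print("sprawl candidates:", find_sprawl(RULES))
    print("r-002 health:", health_score(OUTCOMES["r-002"]))
```

Note the deprecated rule r-004: with `active_only=True` it contributes nothing, so credential-access reports 0%, which is the honest figure for an executive coverage report; the `active_only=False` view is useful only for retirement tracking. The sprawl check keys on (technique, log source) rather than on rule title, so a tenant fork with a renamed title is still caught.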