×
Register Here to Apply for Jobs or Post Jobs. X
More jobs:

Threat Detection Engineer

Job in Gloucester, Gloucestershire, GL1, England, UK
Listing for: FluidOne
Full Time position
Listed on 2026-07-16
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 60000 - 90000 GBP Yearly GBP 60000.00 90000.00 YEAR
Job Description & How to Apply Below

Cyber Security Associates Limited (CSA), established in 2013, provides cyber consultancy and cyber managed services which help to detect, protect and educate against the ever-changing cyber threat. CSA has built its team from a foundation ofUK Government (ex-Military) and commercially experienced specialists all holding current and relevant cyber certifications. Today CSA’s core services are based around a 24/7 Security Operations Centre (SOC) based in Gloucester and our penetration testing and red team capabilities.

CSA is backed by Fluid One, a market leading connected cloud solutions provider, who provide support and funding firepower for our ambitious growth plans. Our vision is to be the best quality UK cyber security managed service provider.

Our mission is to grow to over £35m revenue over the next 5 years adding to our reputation as the go to experts in our field and providing a full range of cyber services to our clients enabling them to focus on running their businesses.

Role Overview

As a Detection Engineer, you will play a pivotal role in our Security Operations Centre (SOC) team, collaborating closely with the SOC analysts to enhance our clients’ security posture.

You will specialise in the creation of detection and response capabilities, using technology such as Kusto Query Language (KQL), Lucence, YARA, Sigma, Azure Logic Apps and more.

You will be responsible for planning and managing development, testing and implementation activities delivering new / updated rules and analytics for the SIEM and SOAR platforms. The day-to-day focus of the Detection Engineer is working with SOC Operations Teams to scope and define the requirements for tuning existing security use cases and creating new detection content. This includes planning each release and overseeing all design, development, testing and implementation activities.

The role also includes being the primary point of contact for CSA’s App Guard Service, a zero trust protection product. Key elements of this involves general management and ownership of App Guard, ongoing maintenance, implementing improvements and managing the implementation of customer requests, and being the primary escalation point of contact with App Guard.

The strategic focus of the Engineer is to ensure that the detection and monitoring technology remains optimised, current and tailored to the changing threat landscape and technology in use.

You will contribute to the overall development of the Security Operations Center (SOC), that will shape the future of CSA’s Success.

This is a unique and exciting opportunity for a highly motivated and experienced security professional to make a significant impact in the field of Detection Engineering / Security Operations. If you're ready for a challenge and eager to make a difference, we'd love to hear from you.

This role requires SC clearance.

Responsibilities
  • Develop, test and deploy updated and new content across the monitored estate in liaison with the Operations teams.
  • Take playbooks from the Ops teams, develop and deploy.
  • Maintain existing detection content to ensure it remains current and relevant.
  • Assess the effectiveness of new / updated rules and analytics to feed into future development activities.
  • Management of the implementation and maintenance of App Guard policies
  • Review and approve all required documentation as part of a release or change including design, deployment, configuration and administration guides.
  • Knowledge of SIEM/SOAR tools (Microsoft Sentinel and ELK) and other appropriate tooling e.g. SOAR, Threat Intelligence, traffic analysis tools etc. to identify signs of an intrusion and advise where new/improved tooling could enhance the SOC operation.
  • Analysing security data to identify patterns and trends.
  • Conducting research on emerging threats and vulnerabilities.
  • Produce Use Case Rules.
  • Maintain Use Case Library.
  • Openness to learning and managing new technologies as business requirements change.
  • Experience in a similar role.
  • Experience of working with SIEM’s (ideally Microsoft Sentinel).
  • Knowledge of cyber security frameworks with an active interest in software systems/engineering and/or secure communications and…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary