Threat Detection Lead/Manager
Listed on 2026-02-28
Engineering
Systems Engineer, Cybersecurity
IT/Tech
When I speak with security engineers about why they’re open to new opportunities, the same themes come up repeatedly: the desire to have genuine impact, to continue growing technically, to strengthen stakeholder and leadership skills, and to work in an organisation where security is seen as an enabler, not a blocker.
I’m representing a business that offers exactly that.
They’re looking for a player-coach, someone who wants to remain hands-on while leading a small team across detection and automation engineering. This is an opportunity to shape how things are built, improve engineering maturity, and influence security direction while staying close to the technical detail.
The environment is technically diverse and modern, spanning Windows and Linux, with both Azure and AWS cloud infrastructure. They utilise Microsoft Sentinel as their SIEM and Defender for EDR, with a strong focus on automation and continuous improvement.
What will you come and do?
- You will drive the design and implementation of new security detection use cases, building automated workflows to proactively identify and respond to emerging threats and vulnerabilities.
- This will also include enhancing engineering maturity by building and optimizing CI/CD pipelines that standardize, automate, and improve the quality, speed, and reliability of detection and automation deployments.
- Strong focus on advancing security engineering maturity through automation, with experience administering and optimizing security tooling across globally distributed environments.
- Proven hands-on experience leveraging APIs to integrate security platforms, streamline workflows, and strengthen overall security effectiveness through intelligent automation.
- Experienced in building and refining detection logic using advanced KQL, with a proactive mindset focused on improving signal quality and challenging existing processes to drive better outcomes.
- Designed and implemented automated response mechanisms to improve the speed, consistency, and effectiveness of security alert handling.
- Experience with programming or scripting to automate workflows is highly desirable; however, at minimum, a strong automation-first mindset and a proactive approach to improving manual processes is essential.
- Demonstrated leadership capability, whether through mentoring junior engineers, acting as a technical lead, or taking ownership of team-level technical direction and delivery responsibilities.
Surrey, with 3 days onsite and 2 days remote.
Salary: £85k-£100k + bonus and excellent benefits