
Senior Threat Detection Engineer

Job in Greater London, London, Greater London, W1B, England, UK
Listing for: watchTowr
Full Time position
Listed on 2026-02-17
Job specializations:
  • IT/Tech
    Cybersecurity
Job Description & How to Apply Below
Location: Greater London

watchTowr is the Preemptive Exposure Management capability trusted by Fortune 500 companies and critical infrastructure providers. By combining proactive threat intelligence, real attacker telemetry, and automated red teaming, watchTowr continuously identifies and validates real exposure so security teams can outrun real‑world threats. When exploitation happens in hours, watchTowr delivers what no one else can: time to respond. We are a global team of operators, researchers, and engineers who have spent years thinking like attackers, and we are building the technology to stop them. Our work is recognised across the industry, with original vulnerability research from watchTowr Labs and innovations like Instinct and Attacker Eye shaping the future of cybersecurity. Backed by $29M in funding, recognised by Gartner, and scaling fast across the globe, we are in a high‑growth phase of our journey and want exceptional people to join us.

Role Overview

We are looking for an ambitious Senior Threat Detection Engineer to join us and work with the watchTowr Labs to expand our offensive security capabilities around threat detection engineering. The role is ideally based in the UK, with exceptions for the right candidate.

Responsibilities
  • Engineer high‑fidelity detections for both N‑day and true 0‑day exploitation by translating attacker trade‑craft, payloads, and kill‑chain behaviours into durable detection logic.
  • Continuously improve signal quality by reducing noise, validating detections against live attacker activity, and tuning for scale across millions of events per day.
  • Build and operate detection pipelines that ingest, normalise, enrich, and correlate honeypot telemetry, vulnerability intelligence, and external threat data in near real time.
  • Lead rapid‑reaction detection efforts for emerging threats, working cross‑functionally with Engineering, Research, and Go‑to‑Market teams to turn exploitation into actionable customer insight quickly.
  • Operationalise threat intelligence by converting external research, advisories, and PoCs into production‑grade detections and internal knowledge artefacts.
  • Author original detection research and threat reports, documenting adversary behaviours, exploitation trends, and detection methodology for both internal stakeholders and external publication.
  • Mentor and influence others by setting detection standards, reviewing logic, and helping shape how the organisation approaches threat detection at scale.
Ideal Experience
  • 8+ years working with security telemetry at scale, including detection engineering, threat research, SOC, IR, or offensive security roles.
  • 3+ years in a threat detection, threat research, or threat intelligence engineering role, with demonstrable ownership of production detections.
  • Experience working in an early‑stage B2B startup focusing on enterprise clients.
  • Proven experience designing detections from attacker behaviour, not just indicators.
  • Strong background in Threat & Vulnerability Intelligence, including vulnerability life cycles, exploitation timelines, threat actor trade‑craft, and frameworks such as MITRE ATT&CK.
  • Hands‑on experience working with honeypot or deception data, internet‑scale telemetry, or high‑noise datasets.
  • Deep familiarity with OpenSearch / ELK‑style stacks, including querying, aggregations, pipelines, and detection tuning.
  • Strong Python skills, with experience building detection tooling, parsers, enrichment pipelines, or internal analysis frameworks.
  • Experience collaborating with product, engineering, and go‑to‑market teams to operationalise detections into customer‑facing outcomes.
  • Background in Incident Response, SOC, red teaming, or exploit development is a strong plus.
Benefits
  • Competitive compensation – we believe that hard work, skills and ambition should be fairly compensated.
  • Meaningful role in a company – you will be a key and early contributor to a fast‑growing cybersecurity business that helps protect some of the world’s largest enterprises.
  • The best tools and powerful kit – we enable you with the tools to effectively fulfil your role.
  • Endless opportunities – we are in a high‑growth phase of our journey, and plan to promote from within…
Position Requirements
10+ Years work experience