
Threat Detection Engineer

Job in Greater London, London, Greater London, W1B, England, UK
Listing for: Barclay Simpson
Full Time position
Listed on 2026-06-28
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 50000 - 70000 GBP Yearly
Job Description & How to Apply Below
Location: Greater London

Threat Detection Engineer required for global legal firm. You will be responsible for advancing the maturity of the SIEM platform alongside other strategic security solutions, working closely with internal teams to improve the organisation's overall security posture.

This position focuses on onboarding new log sources, optimising data pipelines, developing advanced detection use cases, and strengthening overall security monitoring and response. It's an excellent opportunity for a security professional who enjoys building scalable, high-performing SOC environments and driving continuous improvement.

The Role

This role also involves contributing to security service improvements and core operational processes, including incident, change, and problem management, as well as supporting the design, implementation, and review of security controls.

There may occasionally be a requirement to support out-of-hours changes or respond to critical security incidents.

  • Enhance and optimise SIEM performance, coverage, and detection fidelity
  • Assess and improve SIEM architecture, including ingestion pipelines, parsing, and correlation logic
  • Implement automation and orchestration (SOAR) to streamline response activities
  • Identify and onboard new log sources across cloud, network, endpoint, and application environments
  • Develop custom parsers, connectors, and ingestion playbooks
  • Collaborate with internal teams and vendors to ensure reliable, high-quality telemetry
Detection Engineering
  • Design and implement detection use cases aligned to MITRE ATT&CK and threat intelligence
  • Build and tune correlation rules, anomaly detections, dashboards, and alerting workflows
  • Continuously refine detections to reduce false positives and improve effectiveness
  • Partner with SOC analysts to validate and improve detection logic
  • Support investigations through advanced SIEM queries and data analysis
  • Act as a subject matter expert on complex security incidents
Documentation & Governance
  • Maintain clear documentation of data models, integrations, and detection logic
  • Ensure alignment with security standards, controls, and compliance requirements
Skills & Experience
Technical Expertise
  • Hands-on experience with SIEM platforms such as Splunk, Microsoft Sentinel, QRadar, Elastic, ArcSight, LogRhythm, or Exabeam
  • Strong understanding of log formats (JSON, syslog, XML, CEF) and ingestion methods (APIs, Kafka, Event Hubs, agents)
  • Experience in detection engineering, threat modelling, and attacker behaviour analysis
  • Proven ability to build and tune correlation rules, dashboards, and alerts
  • Familiarity with SOAR tools and automation workflows
Security Knowledge
  • Solid understanding of networking, Windows/Linux systems, cloud platforms (Azure, AWS, GCP), identity systems, and endpoint security tools
  • Knowledge of MITRE ATT&CK, cyber kill chain, and threat hunting techniques
Requirements
  • Degree (Level 4+) in a computing-related subject or equivalent experience
  • Background across IT infrastructure and information security roles
  • Relevant certifications (e.g. GIAC, SC-200/SC-100, CISSP, SSCP, CSIS)
  • Excellent communication skills with the ability to engage stakeholders at all levels
  • Proactive, self-driven approach with strong analytical capability
  • Secure remote access solutions
  • Network security technologies
  • Threat intelligence and open-source security tools
  • Experience with SaaS, IaaS, PaaS, and DaaS environments
  • Business continuity and disaster recovery planning