×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity

Threat and Detection Engineering Manager

Job in Warwick, Warwickshire, CV34, England, UK
Listing for: National Energy System Operator
Full Time, Part Time position
Listed on 2026-06-03
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 80000 - 100000 GBP Yearly GBP 80000.00 100000.00 YEAR
Job Description & How to Apply Below
Position: Threat Hunting and Detection Engineering Manager

About The Role

NESO are looking to hire a manager for an established Threat Hunting and Detection Engineering Team. The team works alongside the Cyber Security Operations Centre (CSOC) and develops industry leading threat detection capabilities across two SIEM platforms. It also performs advanced threat hunting to identify advanced or unknown threats early.

The Threat Hunting and Detection Engineering Manager will manage a team of threat hunting analysts. The team identifies, assesses, prioritises and delivers threat hunting activities, while ensuring threat-led detection content is continuously applied to the SIEM. The team also provides Subject Matter Expertise and analysis in support of security incident management.

This role can be based from Wokingham or Warwick, with hybrid working from office and home. We are open to full-time and part-time applicants, as well as flexible working arrangements.

This role is designated as requiring a National Security Vetting (NSV) clearance. The level of clearance associated with the role is Security Check (SC). You will usually need to have been a resident in the UK for the last five years to apply for an SC clearance. Applicants who do not currently meet this residency requirement are encouraged to express interest.

Key

Accountabilities
  • Lead and manage threat hunting and content development to enable an effective Cyber Security Operations team.
  • Partner with Cyber Security Operations, Incident Response, Threat Intelligence, and Security Engineering to agree and prioritise requirements for threat detection and threat hunting.
  • Be accountable for the development and deployment of a prioritised set of threat detection rules across two SIEM platforms.
  • Be accountable for the development and maintenance of work instructions and playbooks to enable the CSOC analysts to triage and respond to events.
  • Develop and maintain security content, such as rules, signatures, indicators, dashboards, reports, etc., to enhance the detection and response capabilities of the CSOC.
  • Provide subject matter expertise and analysis support in the event of security incidents.
  • Support the team to ensure they utilise detection as code and secure development pipelines.
  • Ensure an intake process is managed to allow a feedback loop from the CSOC.
  • Conduct proactive, iterative, and human-centric identification and analysis of cyber threats that have evaded existing security controls.
  • Coordinate and collaborate with internal and external stakeholders, such as IT teams, business units, vendors, auditors, and regulators.
  • Provide regular reports and metrics on the threat hunting and content development activities, outcomes, and value.
  • Develop and implement threat hunting and content development policies, standards, procedures, and best practices.
About You

We’re forging the path, and we know we can’t do it alone. That’s why we need visionary minds like yours to join us on this transformative journey. We’re looking for someone who:

  • Has an active leadership mindset, staying engaged with the team deliverables.
  • Is a team player and adept at working in multi-disciplinary and diverse teams.
  • Has in-depth knowledge and experience in threat hunting, content development, security engineering concepts, operations, analysis, and response.
  • Is proficient in various threat hunting and content development tools and technologies, such as SIEM, IDS, IPS, firewall, antivirus, encryption, VPN, etc.
  • Is familiar with security frameworks and standards, such as NIST and NCSC CAF.
  • Has strong analytical and problem-solving skills and the ability to handle complex and dynamic situations.
  • Has excellent communication and presentation skills and the ability to communicate effectively with technical and non-technical audiences.
  • Has sound knowledge of IT systems, networks, applications, and cloud services.
  • Is aware of current and emerging cyber threats, trends, and best practices.
Qualifications

Relevant degree-level qualification or equivalent experience with a strong background in providing threat hunting services in a large hybrid environment, within a government or critical infrastructure domain.

Significant experience in threat hunting, content…

Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search