×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Security Manager

Threat and Detection Engineering Manager

Job in Warwick, Warwickshire, CV34, England, UK
Listing for: National Energy System Operator Limited
Full Time position
Listed on 2026-06-09
Job specializations:
  • IT/Tech
    Cybersecurity, Security Manager
Salary/Wage Range or Industry Benchmark: 80000 - 100000 GBP Yearly GBP 80000.00 100000.00 YEAR
Job Description & How to Apply Below
Position: Threat Hunting and Detection Engineering Manager

About the Role

NESO is looking to hire a manager for an established Threat Hunting and Detection Engineering Team. The team works alongside the Cyber Security Operations Centre (CSOC). The team develops industry‑leading threat detection capabilities across two SIEM platforms and performs advanced threat hunting, enabling us to go beyond day‑to‑day detections, identifying advanced or unknown threats early. The Threat Hunting and Detection Engineering Manager will manage a team of threat hunting analysts.

The team will identify, assess, prioritise and deliver threat hunting activities, whilst ensuring threat‑led detection content is continuously applied to the SIEM. The team also provides subject‑matter expertise and analysis in support of security incident management.

This role can be based from Wokingham or Warwick. We continue to offer hybrid working from office and home. The role is designated as requiring a National Security Vetting (NSV) clearance. The level of clearance associated with the role is Security Check (SC). You usually need to have been a resident in the UK for the last five years to apply for an SC clearance.

We would invite applicants who do not currently meet this residency requirement to still express interest in the role.

Key Accountabilities
  • Lead and manage threat hunting and content development to enable an effective Cyber Security Operations team.
  • Partner with Cyber Security Operations, Incident Response, Threat Intelligence, and Security Engineering to agree and prioritise requirements for threat detection and threat hunting.
  • Be accountable for the development and deployment of a prioritised set of threat detection rules across two SIEM platforms.
  • Be accountable for the development and maintenance of work instructions and playbooks to enable the CSOC analysts to triage and respond to events.
  • Develop and maintain security content, such as rules, signatures, indicators, dashboards, reports, etc., to enhance the detection and response capabilities of the CSOC.
  • Provide subject‑matter expertise and analysis support in the event of security incidents.
  • Support the team to ensure they utilise detection‑as‑code and secure development pipelines.
  • Ensure an intake process is managed to allow a feedback loop from the CSOC.
  • Conduct proactive, iterative, and human‑centric identification and analysis of cyber threats that have evaded existing security controls.
  • Coordinate and collaborate with internal and external stakeholders, such as IT teams, business units, vendors, auditors, and regulators.
  • Provide regular reports and metrics on the threat hunting and content development activities, outcomes, and value.
  • Develop and implement threat hunting and content development policies, standards, procedures, and best practices.
About You & Qualifications
  • A desire to take on an active leadership role, remaining engaged with the team deliverables.
  • Team player and adept at working in multi‑disciplinary and diverse teams.
  • In‑depth knowledge and experience in threat hunting, content development, security engineering concepts, operations, analysis, and response.
  • Proficient in various threat hunting and content development tools and technologies, such as SIEM, IDS, IPS, firewall, antivirus, encryption, VPN, etc.
  • Familiar with various security frameworks and standards, such as NIST and NCSC CAF.
  • Strong analytical and problem‑solving skills and ability to handle complex and dynamic situations.
  • Excellent communication and presentation skills and ability to communicate effectively with technical and non‑technical audiences.
  • Sound knowledge of IT systems, networks, applications, and cloud services.
  • Awareness of current and emerging cyber threats, trends, and best practices.
  • Relevant degree‑level qualification or equivalent experience with strong background in providing threat hunting services in a large hybrid environment, within a government or critical infrastructure domain.
  • Significant experience in threat hunting, content development, security engineering, operations, or related field with strong demonstrable experience in managing or leading security teams or projects.
  • Relevant professional certifications, such as CISSP,…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search