×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer

Security Engineer II - Detection Engineering

Job in Welwyn Garden City, Hertfordshire, AL8, England, UK
Listing for: Tesco Technology
Full Time position
Listed on 2025-12-30
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Job Description & How to Apply Below

Security Engineer II - Detection Engineering

Join to apply for the Security Engineer II - Detection Engineering role at Tesco Technology
.

About the role

As a Cyber Security Detection Engineer, you will lead the development, implementation, and continuous improvement of Tesco's cyber security detection capability. You will be required to understand the changing threat landscape, see opportunities for improvement in existing detections, establish new detections, and ensure appropriate detection coverage for the organisation. You will work closely with multiple teams, including security operations, engineering, and risk & compliance, in a fast paced and agile environment.

Responsibilities

Responsible for developing and driving the cyber security detection capability both day-to-day and strategically for the Tesco Group. You are expected to seek out effective and comprehensive detection logic and capability, ensuring detections are robust and not brittle, thoroughly tested, and that alerts and supporting information is available to and understood by operational cyber security teams.

You are expected to put the needs of operational teams and incident responders at the centre of your development work, ensuring detections and alerts are relevant, of value, and have practical response steps. You will need to ensure detection capability is fit for both on-premises, private and public cloud environments, working at significant scale, and across a diverse range of asset types.

In addition, you may provide support during cyber security incidents, participate in threat hunts, and work with other security teams to deliver automation and standardisation to improve efficiency and response.

Required Skills
  • Ability to assess and validate information from various sources on cyber and informational security threats to business.
  • Ability to analyse and identify significance of processed intelligence to identify trends, threat actor TTPs and potential capabilities.
  • Ability to break down and translate information into tangible actionable data.
  • Understanding of cyber security threat frameworks such as MITRE ATT&CK, Lockheed Martin Killchain etc.
  • Ability to specify/implement processes to maintain required level of security for a component/product/system during its lifecycle.
  • Proficient at detection development lifecycle covering all reasonable positive and negative test cases.
  • Ability to conduct code reviews of existing content and processes to identify and enhance or mitigate security issues.
  • Contribute to security evaluation of or testing of threat/vulnerabilities faced by systems.
  • Apply recognised evaluation/testing methodologies, tools and techniques to signature development / reviews, suggesting new ones where appropriate.
  • Ability to quantify and define research goals to generate worthwhile relevant detection ideas for further testing and exploration.
  • Ability to summarise findings or technical information to be disseminated with wider teams, factoring in business knowledge and summaries.
Experience Relevance
  • Ability to develop queries and enable robust detection of threats.
  • Working knowledge of Windows, macOS, or Linux operating systems.
  • Ability to work independently as well as part of a team.
  • Understanding of modern attacker TTPs.
  • Translate threat intelligence into actionable detection logic.
  • Solid grasp of detection technologies.
  • A broad understanding of security concepts; an interest and passion for cyber security.
  • Analytical approach; ability in problem solving and comfortable working on production systems at scale.
  • Query languages such as KQL or SPL.
  • Experience developing and maintaining basic automation scripts (e.g., Bash, Python, Batch, Power Shell etc.).
Desirable Skills and Experience
  • Knowledge of cloud infrastructure, cloud security and cloud APIs.
  • Knowledge of attacker tools and evasion techniques within offensive engineering.
  • Working knowledge of at least one major programming language, including scripting languages like Python and Power Shell.
  • Experience of developing detections as code.
Benefits
  • Annual bonus scheme of up to 20% of base salary.
  • Holiday starting at 25 days plus a personal day (plus Bank holidays).
  • Private medical…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search