Senior Detection Engineer

Job in Welwyn Garden City, Hertfordshire, AL8, England, UK
Listing for: Lorien
Full Time position
Listed on 2026-01-12
Job specializations:
  • IT/Tech
    Cybersecurity
Senior Detection Engineer

Position - Hybrid/Remote with occasional travel to Welwyn Garden City

Location - London, UK

Employment - Contract

Duration - 3 Months

THE ROLE:

To design, develop and maintain high‑quality detection logic aligned with the MITRE ATT&CK framework. The role involves close collaboration with SOC analysts, incident responders, and threat intelligence teams to develop high‑impact, context‑rich use cases across Windows, Linux and cloud environments.

This position demands a balance of technical depth, analytical thinking, and strong content development skills to ensure detections are both effective and operationally relevant.

KEY RESPONSIBILITIES
  • Design, develop, and maintain robust detection content aligned to MITRE ATT&CK and threat‑led priorities.
  • Build and optimise detection queries using KQL, applying efficiency and best practices in logic construction.
  • Support the full detection engineering lifecycle, including modelling, data onboarding, rule development, deployment, and iterative tuning.
  • Collaborate with SOC and threat intelligence teams to validate alert quality, minimise false positives, and ensure operational relevance.
  • Maintain detection‑as‑code repositories in GitHub, ensuring proper version control, peer review, and documentation standards.
  • Document all detection content with clear context, data dependencies, and investigation guidance.
SKILLS
  • Strong hands‑on experience with Microsoft Defender (Endpoint, Cloud, Identity) and Splunk Enterprise Security.
  • Proficiency in KQL and SPL, with the ability to optimise query performance and maintain clarity of logic.
  • Demonstrated experience with detection‑as‑code practices using GitHub or similar version control platforms.
  • Deep understanding of MITRE ATT&CK, threat actor TTPs, and translating them into detection use cases.
  • Familiarity with enterprise logging, data onboarding, and schema normalisation.
  • Working knowledge of Sentinel, Defender for Endpoint, Splunk ES, Jira, and Confluence.
  • Strong written communication skills for content development, documentation, and stakeholder collaboration.
Seniority level

Mid‑Senior level

Employment type

Contract

Job function

Information Technology

Industries

Staffing and Recruiting

Position Requirements
10+ Years work experience