
Detection Engineer

Location: United Kingdom, Farnborough · Salary: 55000.00 - 65000.00 GBP / Year · Job Posted May 11, 2026

Job Description

Detection Engineer | Cyber Security | Farnborough (Hybrid – 2 days onsite) | Up to £65,000 + Excellent Benefits | SC Clearance (or eligibility required)

Ready to engineer the frontline of cyber defence? We're working with a highly respected cyber security operation supporting critical defence environments, seeking a Detection Engineer to strengthen and evolve advanced threat detection capability across secure enterprise environments.

This is a hands-on technical role where you'll design, build and optimise detection logic across SIEM platforms, working directly against real-world attacker techniques in a mature, high-performing SOC. You'll have the autonomy to shape detection strategy, influence capability development, and act as a technical SME within a complex MSSP environment.

Job Responsibility

  • Engineering and refining advanced SIEM detections across secure environments
  • Researching emerging threats and mapping detections to MITRE ATT&CK
  • Tuning detections to improve fidelity and reduce false positives
  • Supporting SOC analysts and wider engineering teams with technical expertise
  • Driving detection maturity and technical standards

Requirements

  • Strong Splunk (SPL) and/or Microsoft Sentinel (KQL) experience
  • Detection engineering experience within enterprise or MSSP environments
  • Solid understanding of attacker TTPs and threat detection methodologies
  • Scripting ability (Python / PowerShell)
  • Knowledge of cloud and enterprise infrastructure
  • SC Cleared or eligible

Nice to have

  • QRadar
  • EDR threat hunting
  • CrowdStrike
  • Defender for Endpoint


Similar Jobs for Detection Engineer (8 matching positions)

Senior Cyber Detection Engineer (SIEM)

Zachary Piper Solutions is seeking a Senior Cyber Detection Engineer (SIEM) to s...
Location: United States, Springfield
Salary: 135000.00 - 150000.00 USD / Year
Company: Piper Companies
Expiration Date: Until further notice

Requirements

  • Active TS/SCI CI Polygraph required
  • Bachelor’s degree from an accredited college in a related discipline and 5+ years of prior relevant experience
  • IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) certification required
  • Proficient in modern operating systems, including Windows, UNIX, network OS environments, databases, and virtualized computing platforms
  • Experienced with enterprise-grade security tools, such as Security Information and Event Management (SIEM) systems specifically Splunk, Threat Intelligence Platforms (TIPs), and network monitoring solutions
  • Skilled in developing, modifying, and fine-tuning detection mechanisms, including IDS signatures and SIEM correlation rules
  • Knowledgeable in implementing cybersecurity countermeasures and mitigation strategies to reduce risk and enhance system resilience

Job Responsibility

  • Support Cyber Operations Squadron (COS) efforts by ensuring timely publication of updated cybersecurity tool signatures, including antivirus and host-based security systems
  • Conduct in-depth threat analysis, including reverse engineering of malware, to uncover critical details such as origin, target, impacted systems, recommended mitigations, and mission risk
  • Develop custom content for Security Information and Event Management (SIEM) tools and create tailored IDS/IPS signatures to counter specific threats
  • Correlate security events and incidents using data from diverse enterprise sources to identify patterns and potential threats
  • Assess the impact of cyber incidents on data and infrastructure, providing detailed evaluations of damage and recovery needs
  • Perform trend analysis and reporting on cyber incidents to identify recurring threats and inform proactive defense strategies
  • Analyze network traffic and system data to detect anomalies and potential security threats
  • Deliver real-time detection, identification, and reporting of cyber intrusions, suspicious activities, and policy violations
  • Create and implement detection rules

What we offer

  • Full Benefits: PTO
  • 11 Paid Holidays
  • Cigna Medical, Dental, and Vision
  • 401k with ADP
  • Certification reimbursement
  • Contract mobility and job stability – Contract through 2026
  • Fulltime

Security Engineer (Detection & Response)

As a Security Engineer, you will take on a key responsibility to improve the Sec...
Location: Philippines, Manila
Salary: Not provided
Company: HelloFresh
Expiration Date: Until further notice

Requirements

  • A minimum of 2 years of experience working in mature SOC environments
  • Security monitoring and incident response experience in public cloud environments such as AWS
  • Experience with cloud SIEM & SOAR platforms, DDoS mitigation and prevention tools, and Layer-7 web-based perimeter security controls
  • Understanding of network intrusion methods, network containment, segregation techniques and technologies such as sandboxes and Intrusion Detection/Prevention Systems (IDS/IPS)
  • Ability to operate EDR, EPP and Device Management solutions as per best security practices
  • Decent programming skills to enable data processing, IaC and security automations
  • Good communication and reporting skills
  • Experience with log analysis stacks like ElasticSearch, Splunk/SumoLogic
  • Open to working on-call in rotational shifts

Job Responsibility

  • Responsible for SOC monitoring, use-case building, triage and advisory using cloud-native SIEM platforms
  • Conduct initial triage of security events and incidents and document progress throughout the Incident Response Lifecycle
  • Automate, optimize and operate modern security solutions like EDR/EPPs and conventional firewalls, IDS/IPS, email security, VPN, and MDM tools
  • Leverage premium and open-source threat intel feeds to regularly sweep environments against rising APT campaigns
  • Prepare status reports and follow up with the stakeholders through Jira and Incident Mgmt. Platform to close the remediation loop
  • Facilitate efficient Incident Detection and Response in AWS cloud and enterprise IT environments

What we offer

  • Competitive Compensation
  • Long Service Benefits (anniversary bonus)
  • Mental health support
  • HMO medical coverage
  • Generous leave benefits
  • Life insurance
  • Annual learning & development budget
  • Access to the 360 Learning platform
  • Dynamic Environment
  • Work-Life Balance
  • Fulltime

Senior SIEM Detection Engineer

We are seeking an experienced Senior SIEM Detection Engineer to design, implemen...
Location: United States, Austin
Salary: Not provided
Company: Dutech Systems
Expiration Date: Until further notice

Requirements

  • 8+ years of experience in SIEM, cybersecurity, or detection engineering
  • Strong expertise in SIEM detection engineering and alert optimization
  • Experience with log source integration and data normalization
  • Hands-on experience with CrowdStrike SIEM and dashboard development
  • Proven ability in documentation, reporting, and knowledge transfer
  • Strong experience in stakeholder engagement and executive communication

Job Responsibility

  • Design and develop SIEM detection rules and alerting mechanisms
  • Optimize alerts to reduce false positives and improve detection accuracy
  • Integrate and onboard log sources across enterprise systems
  • Perform data normalization and parsing to ensure consistent log analysis
  • Build and maintain dashboards and reports for security monitoring and executive visibility
  • Work hands-on with CrowdStrike SIEM for detection and dashboard development
  • Collaborate with security and IT teams to enhance threat detection capabilities
  • Document processes, detection logic, and operational procedures
  • Communicate findings and insights to technical teams and executive stakeholders
  • Support continuous improvement of SIEM performance and security monitoring strategies

Security Engineer, Detection & Response

We are seeking a Senior Security Engineer with a specialty in Detection and Inci...
Location: United States, New York; San Francisco; Seattle; Washington
Salary: 237600.00 - 297000.00 USD / Year
Company: Scale
Expiration Date: Until further notice

Requirements

  • 5+ years of experience in Detection Engineering, Incident Response, or Security Operations, with a strong emphasis on building and shipping security tooling and automation
  • Proficiency in at least one programming language (e.g., Python, Go) and comfort writing production-grade code — not just scripts
  • Hands-on experience designing or improving detection pipelines, SIEM content, and alerting workflows in cloud-native environments
  • Practical experience with SIEM, EDR, and SOAR tools, with a preference for candidates who have built integrations or extended these platforms programmatically
  • Strong understanding of modern cyber threats, common attack techniques, and adversary TTPs
  • Familiarity with digital forensics tools and malware analysis techniques
  • Experience with cloud-native environments (e.g., AWS, GCP, Azure) and the security telemetry those environments generate
  • Exposure to threat intelligence platforms and integrating intel into detection and investigation workflows
  • Strong communication skills, with the ability to translate complex security findings into clear business impact
  • Relevant security certifications (e.g., GCIH, GCFA, GCIA, CISSP, GDSA) are a plus

Job Responsibility

  • Engineer, test, and deploy detection logic across cloud and enterprise environments, treating detections as software with version control, peer review, and measurable performance
  • Build and maintain incident response automation, runbooks, and tooling that reduce containment timelines without sacrificing developer velocity
  • Mature telemetry pipelines through improved schema design, normalization, enrichment, and quality checks that reduce false positives and increase signal fidelity
  • Perform digital incident investigations to identify and contain potential security breaches
  • Conduct digital forensics and malware analysis to understand attack vectors and adversary methodologies
  • Integrate alerting with messaging and ticketing systems to enable fast, traceable response workflows
  • Partner cross-functionally with IT, security, and engineering teams to harden identity and access patterns, close logging and forensics gaps, and implement maintainable guardrails that scale with the organization
  • Utilize threat intelligence platforms to improve hunting, detection, and response workflows
  • Clearly explain the significance and impact of incidents, providing actionable recommendations to both technical and non-technical stakeholders

What we offer

  • Comprehensive health, dental and vision coverage
  • Retirement benefits
  • Learning and development stipend
  • Generous PTO
  • Commuter stipend
  • Fulltime

Leak Detection Engineer

Airswift is hiring a contract Leak Detection Engineer for their top midstream O&...
Location: United States, Houston
Salary: Not provided
Company: Airswift Sweden
Expiration Date: Until further notice

Requirements

  • Bachelor's degree in Chemical, Mechanical, or Petroleum Engineering is required
  • Working knowledge of fluid properties and hydraulic theory
  • 5+ years of experience in the energy business working with pipeline simulation is required
  • Midstream oil and gas experience preferred
  • Knowledge of at least one real-time transient pipeline model simulation software is required
  • Excellent communication skills and ability to effectively communicate to all levels of management
  • Ability to work in a team or individually
  • Required to analyze problems, develop effective solutions and see task through to completion
  • Ability to handle multiple ongoing assignments

Job Responsibility

  • Executing the implementation of ELDS models and other LDP initiatives
  • Monitoring alarm rates on ELDS applications and helping investigate elevated alarm rates (“Bad Actor” false alarms)
  • Responsible for CPM performance evaluations

Detection Engineer, Senior

We’re looking for a self‑motivated, hands‑on self‑starter who thrives in environ...
Location: United States, Fort Meade
Salary: 77600.00 - 176000.00 USD / Year
Company: Booz Allen Hamilton
Expiration Date: Until further notice

Requirements

  • 5+ years of experience in a security engineering function, such as detection engineering, SOC analytics, or threat hunting
  • Experience contributing to shared rule and detection repositories
  • Experience authoring detections in two or more of the following: Sigma, YARA, Suricata, Splunk SPL, KQL, or SQL/DB‑SQL
  • Experience applying Detection‑as‑Code (DaC) best practices, such as Git workflows, pull requests, automated linting, CI pipelines, unit tests, and metadata enforcement
  • Experience with detection versioning, semantic versioning, changelogs, and ruleset lifecycle management
  • Experience building detections across multiple log sources and platforms, such as EDR/XDR, SIEM, cloud telemetry, and identity providers
  • Ability to map detections to MITRE ATT&CK techniques and communicate coverage effectively to stakeholders
  • Ability to communicate detection logic clearly, document rationale, and collaborate with SOC, IR, and engineering partners
  • Ability to obtain a Secret clearance
  • HS diploma or GED

Job Responsibility

  • Design, build, test, and maintain production‑grade detections across diverse data sources—endpoint, network, identity, SaaS, and cloud—while applying Detection‑as‑Code (DaC) practices to ensure consistency, scalability, versioning, and automation
  • Collaborate closely with incident responders, hunters, and platform engineers to map rules to MITRE ATT&CK, maintain coverage dashboards, and continuously iterate on fidelity and performance

What we offer

  • Health, life, disability, financial, and retirement benefits
  • Paid leave
  • Professional development
  • Tuition assistance
  • Work-life programs
  • Dependent care
  • Recognition awards program

Security Engineer, Detection and Response

As a Security Engineer on Detection & Response, you’ll help protect OpenAI’s mos...
Location: United States, San Francisco; Seattle; New York City
Salary: 293000.00 - 385000.00 USD / Year
Company: OpenAI
Expiration Date: Until further notice

Requirements

  • Have hands-on threat detection and/or incident response experience, including building detections, running investigations, and improving operational playbooks
  • Understand modern adversary tradecraft (TTPs) and can translate it into practical detection strategies and response actions
  • Bring a threat modeling mindset
  • Have experience working in Kubernetes/containerized environments
  • Are comfortable reasoning about lower-level infrastructure and datacenter risks
  • Have experience across major cloud platforms (Azure, AWS, GCP, OCI)
  • Like building automation that replaces repetitive D&R work
  • Are energized by new problem areas at a forward-leaning technology company
  • Communicate clearly and collaborate well across teams
  • Are comfortable with scripting and enjoy using AI/agent tooling to accelerate investigations and automation

Job Responsibility

  • Build and evolve Detection & Response capabilities across OpenAI’s infrastructure, products, and research environments
  • Engineer detection pipelines and tooling: develop rule lifecycle management, measurement/quality loops, tuning processes, and safe rollout patterns
  • Automate response and investigations by building workflows that reduce toil
  • Partner with other Security teams and system/infrastructure owners across the company to ensure new systems ship with the right telemetry, threat models, and response playbooks
  • Define D&R requirements and drive visibility across endpoints, identity, SaaS, cloud, Kubernetes
  • Evaluate and respond to emergent security concerns in a frontier AI lab environment

What we offer

  • Offers Equity
  • Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts
  • Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)
  • 401(k) retirement plan with employer match
  • Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)
  • Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees
  • 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time
  • Mental health and wellness support
  • Employer-paid basic life and disability coverage
  • Annual learning and development stipend to fuel your professional growth
  • Fulltime

Security Engineer, Detection and Response

As a Security Engineer on Detection & Response, you’ll help protect OpenAI’s mos...
Location: Australia; Japan; Singapore, Sydney; Tokyo; Singapore
Salary: Not provided
Company: OpenAI
Expiration Date: Until further notice

Requirements

  • Have hands-on threat detection and/or incident response experience, including building detections, running investigations, and improving operational playbooks
  • Understand modern adversary tradecraft (TTPs) and can translate it into practical detection strategies and response actions
  • Bring a threat modeling mindset. You can evaluate new infrastructure or features, identify D&R implications (what could go wrong, what we’d need to see, how we’d respond), and turn that into concrete requirements for teams shipping the system
  • Have experience working in Kubernetes/containerized environments, including building detections from cluster telemetry and understanding common failure and attack modes (workloads, nodes, control plane, networking)
  • Are comfortable reasoning about lower-level infrastructure and datacenter risks, such as firmware/BMC surfaces, network segmentation/telemetry, and hard-to-observe control paths
  • Have experience across major cloud platforms (Azure, AWS, GCP, OCI), and can design cloud-agnostic detection approaches where possible
  • Like building automation that replaces repetitive D&R work, including thoughtfully using agent-style workflows where they meaningfully reduce toil, while keeping outcomes measurable, auditable, and safe
  • Are energized by new problem areas at a forward-leaning technology company: e.g., thinking through how to detect and respond to agents operating across systems at scale, and turning those ideas into pragmatic telemetry and response requirements
  • Communicate clearly and collaborate well across teams. You can translate D&R needs into clear requirements, align stakeholders, and drive follow-through across technical and non-technical audiences
  • Are comfortable with scripting and enjoy using AI/agent tooling to accelerate investigations and automation—more “directing” than doing everything by hand

Job Responsibility

  • Build and evolve Detection & Response capabilities across OpenAI’s infrastructure, products, and research environments, with an emphasis on high-signal detection and reliable operational response
  • Engineer detection pipelines and tooling: develop rule lifecycle management, measurement/quality loops (coverage, precision, latency), tuning processes, and safe rollout patterns
  • Automate response and investigations by building workflows that reduce toil (triage, enrichment, containment, evidence capture) and improve time-to-understand/time-to-contain
  • Partner with other Security teams and system/infrastructure owners across the company to ensure new systems ship with the right telemetry, threat models, and response playbooks from day one
  • Define D&R requirements and drive visibility across endpoints, identity, SaaS, cloud, Kubernetes: identify telemetry/control gaps, prioritize them, and advocate for fixes with partner teams (and implement directly when it’s the fastest/most effective path)
  • Evaluate and respond to emergent security concerns in a frontier AI lab environment, such as detection and response strategies for agents operating across infrastructure at scale
  • Fulltime