CrawlJobs Logo

Information Security Engineer – Cyber Threat Detection & Response

ryanair.com Logo

Ryanair - Europe's Favourite Airline

Location Icon

Location:
Poland , Wroclaw

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Employment contract

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

Ryanair Labs are currently recruiting for a Information Security Engineer – Cyber Threat Detection & Response to join Europe’s Largest Airline Group! This is a very exciting time to join Ryanair as we look to expand our operation to 800 aircraft and 300 million guests within the next 10 years. Ryanair Labs is the technology brand of Ryanair. Labs is a state of-the-art digital & IT innovation hub creating Europe’s Leading Travel Experience for our customers. The Role: We are seeking an experienced Senior Threat Detection & Response Engineer to join our cybersecurity team supporting a fast-paced, cost-sensitive airline environment. The ideal candidate has a strong technical background in detection engineering, incident response and computer forensics. You will be responsible for developing actionable detections, responding to security incidents, and producing insightful KPI reports to support decision-making and regulatory compliance.

Job Responsibility:

  • Develop and tune threat detection rules across SIEM, EDR, and cloud environments
  • Lead containment, eradication, and recovery efforts for cyber incidents
  • Create and maintain dashboards to track KPIs such as MTTD, MTTR, detection coverage, and investigation volume
  • Perform threat hunting based on current threat intelligence and adversary TTPs
  • Automate alert enrichment, triage, and response workflows using SOAR or scripting (Python/PowerShell)
  • Collaborate with IT, cloud, and compliance teams to enhance detection quality and response readiness
  • Contribute to documentation, playbooks, and continuous process improvement

Requirements:

  • 6+ years in SOC, IR, or threat detection roles
  • Hands-on experience with SIEM (e.g., Microsoft Sentinel, Splunk), EDR (e.g., Defender, CrowdStrike)
  • Experience with Azure/AWS cloud security logs and detection use cases
  • Practical knowledge of MITRE ATT&CK
  • Ability to produce meaningful metrics and dashboards (e.g., Sentinel Workbooks, Power BI, Kibana)
  • Strong scripting skills (Python, PowerShell)
  • Clear communication skills across technical and non-technical stakeholders

Nice to have:

  • Experience in aviation, logistics, or other regulated sectors
  • Familiarity with SOAR platforms
  • Certifications such as GCIA, GCIH, OSCP, or cloud security (AZ-500, AWS Security Specialty)
  • Understanding of NIS2 or EASA cybersecurity guidance
What we offer:
  • Contract of employment (permanent after trial period)
  • Hybrid home office (2 days per week from the office, 3 days remote)
  • Discounted and unlimited travel to over 250 destinations
  • Multisport card
  • Private health care
  • Group insurance scheme
  • Possibility to take part in conferences, training and courses
  • Office located in the city center with a view for an Old Market Square
  • Annual events (i.e. St. Patrick’s Day)
  • Regular social meetings
  • Paid referral system
  • New office building surrounded by great dinettes right in the city centre

Additional Information:

Job Posted:
February 16, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Ryanair - Europe's Favourite Airline - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Information Security Engineer – Cyber Threat Detection & Response

Threat Detection Engineer

At Atlassian, we are seeking a skilled Threat Detection Engineer to join our tea...
Location
Location
United States , San Francisco
Salary
Salary:
128300.00 - 206000.00 USD / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • Minimum 3 years experience in Security Operations roles and 1 year experience in Detection Engineering role
  • Experience building threat detection mechanisms in common log analysis platforms (eg. Splunk)
  • Experience using common programming languages to build automation
  • Experience performing threat hunting
  • Experience using security detection technologies and systems, including firewalls, intrusion detection systems, EDR, and authentication systems
  • Experience with cloud technologies including AWS and network protocols
  • Strong analytical skills and the ability to effectively identify and resolve problems
Job Responsibility
Job Responsibility
  • Develop advanced threat detection mechanisms that can effectively identify and raise alerts for any adversarial or high-risk behaviors within the company's systems
  • Continuous improvement and fine-tuning of detection systems to effectively adapt to new and emerging cyber threats
  • Monitor and enhance critical detection systems to ensure their reliability and effectiveness in delivering robust detection capabilities
  • Collaborate with partner teams such as Incident Response and Threat Intelligence to establish and maintain meaningful security alerts
  • Perform threat hunting activities to proactively identify and mitigate new and emerging threats within Atlassian's systems
  • Automate common security operational tasks, aiming to streamline and optimize routine security activities
  • Develop tools, systems, and programs to enhance and fortify Atlassian's overall security posture
  • Remain informed about the latest security trends, emerging threats, and evolving technologies to ensure that Atlassian is well-prepared to adapt to new security challenges
What we offer
What we offer
  • health coverage
  • paid volunteer days
  • wellness resources
  • Fulltime
Read More
Arrow Right

Senior Threat Detection Engineer

We’re expanding our Threat Detection Engineering team at Atlassian and looking f...
Location
Location
United States , San Francisco
Salary
Salary:
146300.00 - 235000.00 USD / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • Minimum 3 years experience in Detection Engineering roles
  • Experience building advanced data analytics and ML based detection models to identify complex threats
  • Experience building effective detection capabilities to modern cloud environments
  • Experience using common programming languages to build automation
  • Experience identifying threats through proactive threat hunting
  • Experience using security detection technologies and systems, including firewalls, intrusion detection systems, EDR, and authentication systems
  • Experience successfully delivering complex projects
  • Strong analytical skills and the ability to effectively identify and resolve problems
Job Responsibility
Job Responsibility
  • Develop advanced threat detection mechanisms using complex data analytics and machine learning models that can effectively identify and raise alerts for any adversarial or high-risk behaviors within the Atlassian’s systems
  • Continuous improvement and fine-tuning of detection systems to effectively adapt to new and emerging cyber threats
  • Monitor and enhance critical detection systems to ensure their reliability and effectiveness in delivering robust detection capabilities
  • Deploy new detection technologies to continuously uplift and improve our detection capabilities
  • Collaborate with partner teams such as Incident Response and Threat Intelligence is to establish and maintain meaningful security alerts
  • Work closely with these teams to ensure security alerts are relevant, actionable, and aligned with the overall security strategy
  • Collaborate closely with Product Engineering, Data Platform, and Security Engineering teams to advance our detection coverage and tooling in our production cloud environments
  • Automate complex security operational tasks, aiming to streamline and optimize routine security activities
  • Develop tools, systems, and programs to enhance and fortify Atlassian's overall security posture
  • Remain informed about the latest security trends, emerging threats, and evolving technologies to ensure that Atlassian is well-prepared to adapt to new security challenges
What we offer
What we offer
  • health and wellbeing resources
  • paid volunteer days
  • Fulltime
Read More
Arrow Right

Cyber Security Engineer

Darumatic is an IT Consultancy and Recruitment Services Company that focuses on ...
Location
Location
Australia , Canberra
Salary
Salary:
Not provided
darumatic.com Logo
Darumatic
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Character clearance, including a police check
  • Negative Vetting level 1
  • Political neutrality
  • Australian citizen
  • Experience using Sentinel or a similar SIEM solution is essential
  • In-depth familiarity with the Australian Government Information Security Manual
  • Experience with security technologies such as endpoint protection, firewalls and IDS/IPS
  • Extensive experience in Windows, Linux, networking and system administration
  • Experience with security services in the cloud (Azure or AWS)
Job Responsibility
Job Responsibility
  • Detection and coordination of incident response to threats, both foreign and domestic, against critical electoral systems
  • Augmenting the existing operations team to assist in uplifting the existing capability
  • Maintenance of cyber security monitoring and analysis toolsets
  • Taking a lead role in the build of the cyber security architecture through consultation with client's internal teams to secure this architecture
  • Working primarily in the office
  • Ability to work shifts as required in response to cyber security incident, and also to support electoral events at key periods (e.g. close of rolls, polling day)
Read More
Arrow Right

Information Security Engineer

Responsible for maintaining the integrity and security of enterprise-wide cyber ...
Location
Location
United States , Reston
Salary
Salary:
Not provided
ltconsultingllc.net Logo
LT Consulting
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active TS/SCI clearance
  • Bachelor’s degree in Computer Science, Engineering or a related field
Job Responsibility
Job Responsibility
  • Maintaining the integrity and security of enterprise-wide cyber systems and networks
  • Supporting cyber security initiatives through both predictive and reactive analysis, articulating emerging trends to leadership and staff
  • Coordinating resources during enterprise incident response efforts, driving incidents to timely and complete resolution
  • Employing advanced forensic tools and techniques for attack reconstruction, including dead system analysis and volatile data collection and analysis
  • Supporting internal HR/Legal/Ethics investigations as forensic subject matter expert
  • Performing network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output as it pertains to the cyber security of communications networks
  • Reviewing threat data from various sources and develops custom signatures for Open Source IDS or other custom detection capabilities
  • Correlating actionable security events from various sources including Security Information Management System (SIMS) data and develops unique correlation techniques
  • Utilizing understanding of attack signatures, tactics, techniques and procedures associated with advanced threats
  • Developing analytical products fusing enterprise and all-source intelligence
Read More
Arrow Right

Cyber Security Engineer

We are looking for someone dynamic who can quickly adapt to new challenges and f...
Location
Location
Portugal , Lisbon
Salary
Salary:
Not provided
miniclip.com Logo
Miniclip
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 1 year of experience in SOC or similar cybersecurity role with exposure to advanced threat detection and analysis
  • Background in Computer Science, Information Technology, or a related field
  • Proficiency in SIEM platforms (e.g., Sentinel, Splunk, QRadar) and writing custom correlation rules
  • Hands-on experience conducting: Technical Software Security Risk Assessments
  • Vulnerability Assessments in web and/or mobile applications, and Physical and Wireless penetration testing
  • Document and report incidents/assessments/findings
  • Understanding of cybersecurity standards and frameworks (e.g., ISO27001, NIST, NIS2, OWASP)
  • Availability for work outside of regular hours on short notice to handle emergencies
  • A social and hard-working candidate who thrives in a team environment and is passionate about their work
  • Solid understanding of cyber security best practices and frameworks
Job Responsibility
Job Responsibility
  • Incident handling: Identifying, triaging, and investigating potential security incidents
  • Systems Administration: Understanding system internals and implementing effective countermeasures and remediation strategies on different operating systems
  • Computer Forensic Analysis: Possessing a background in utilizing diverse forensic analysis tools during incident response investigations to assess the scope and depth of compromise
  • Vulnerability Assessment: Review and validate vulnerability reports collected by our systems working closely with cross-functional core/development teams to prioritize and facilitate the remediation of identified vulnerabilities in a timely manner
  • Reporting and documentation: Develop and maintain accurate records of all the incidents, vulnerability reports, assessments, remediation efforts, ensuring clear documentation of findings and resolutions
  • Awareness: Promote security awareness within the organization by conducting training sessions, sharing insights on emerging threats, and fostering a culture of security consciousness
  • Threat Hunting: Performing proactive threat hunting across the group
  • Physical Security: Availability to travel through our different studios to identify physical vulnerabilities and propose remediation measures
Read More
Arrow Right

Cyber Security Engineer

The Cyber Security Engineer is responsible for managing and securing the organiz...
Location
Location
United States , El Monte
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field
  • Minimum of 4 years of experience in cybersecurity, IT administration, or a related role
  • Relevant certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH) preferred
  • Strong knowledge of security technologies, including firewalls, VPNs, IDS/IPS, and antivirus solutions
  • Experience with Office 365 security configurations, including conditional access and MFA
  • Proficiency in Azure security concepts and tools
  • Familiarity with internal and external scanning tools and techniques
  • Knowledge of security frameworks and standards.
Job Responsibility
Job Responsibility
  • Administer and manage security tools and technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection solutions
  • Monitor and analyze security logs and alerts to detect and respond to potential security incidents
  • Implement and manage identity and access management (IAM) systems, including user provisioning and de-provisioning for Office 365 and Azure environments
  • Configure and enforce conditional access policies to ensure secure access to applications and data based on user context and risk levels
  • Implement multi-factor authentication (MFA) to strengthen security for Office 365 and other critical applications
  • Respond to and investigate security incidents, coordinating with IT and other departments to remediate vulnerabilities
  • Maintain incident response plans and participate in post-incident reviews to improve security processes
  • Conduct regular internal and external vulnerability scans to identify security weaknesses and ensure compliance
  • Perform penetration testing and threat assessments to simulate attacks and evaluate the security posture of the organization
  • Develop, implement, and maintain security policies, procedures, and guidelines specific to Office 365, Azure, and other cloud services
What we offer
What we offer
  • Access to top jobs, competitive compensation and benefits, and free online training
  • Medical, vision, dental, and life and disability insurance
  • Eligibility to enroll in 401(k) plan.
  • Fulltime
Read More
Arrow Right

Senior Detection Engineer

This is a detection engineering role that leverages knowledge of monitoring, ana...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.marriott.com Logo
Marriott Bonvoy
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification
  • 3+ years of collective experience in Splunk SIEM (Splunk Enterprise Security) threat detection use case development or UEBA (Exabeam) use case development for insider threat use case development
  • 5+ years of experience in security functions such as SOC, CIRT, security engineering, risk management, vulnerability management or technical infrastructure operations, administration, or systems engineering
  • scripting or programming language, including Python
  • Current information security certification such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) preferred
  • offensive and defensive security certifications such as CEH, IGAC Cyber Defense, OSCP or other related certifications preferred
  • Splunk Certification, including Splunk Enterprise Security Certified Admin preferred
  • use case development experience on the Exabeam platform preferred
  • working knowledge of the NIST Cyber Security Framework and ISO/IEC 27001:2022 preferred
  • working knowledge of the MITRE ATT&CK Framework preferred
Job Responsibility
Job Responsibility
  • Lead collaboration sessions within the cyber security tower and other business units to devise security monitoring use cases
  • engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications and share that knowledge with peers as appropriate
  • document prospective security monitoring use cases with MITRE ATT&ACK mappings using standard templates and methodologies
  • inform and consult other cyber ops teams of required data onboarding and integrations for use case development
  • develop analytics, correlation searches, dashboards, reports and alerts within the SIEM and UEBA platforms
  • solicit feedback for pre-production security monitoring content through peer review process and user acceptance testing for tuning
  • document developed security monitoring content in a documentation registry using department standard templates and methodologies
  • manage field mapping and transmission of security monitoring alerts to the security incident response platform for SOC analyst consumption as outlined in process documentation
  • provide governance support for the content development function entailing content development standards compliance, change management approvals for SIEM or UEBA content, and lifecycle management of developed security monitoring content
  • service operational requests in queue such as analytics content performance tuning, filtering, search refinement, parsing issues
  • Fulltime
Read More
Arrow Right

Gaming Principal, Cloud Threat Detection & Incident Response Engineer

We are seeking a Gaming Principal, Cloud Threat Detection & Incident Response En...
Location
Location
United States , Multiple Locations
Salary
Salary:
139900.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
Job Responsibility
Job Responsibility
  • Architect and drive Gaming’s cloud-first detection and response vision by integrating Azure, AWS, and GCP (Google Cloud Platform) native security services and telemetry sources into TDIR (Threat Detection, Investigation, and Response) workflows
  • Lead adoption and optimization of Microsoft Defender for Cloud, Sentinel, Entra ID security, Defender for Cloud Apps, and other cloud-native security controls
  • Establish standards and reference architectures for cloud telemetry ingestion, normalization, enrichment, and threat analytics across diverse studio environments
  • Build and maintain high-fidelity, cloud-native detections targeting threat actors across identity, SaaS, PaaS, IaaS, and Kubernetes environments
  • Develop behavioral detections leveraging KQL (Kusto Query Language), automation, analytics, and ML-assisted methodologies
  • Partner with threat intelligence to map adversary TTPs (Tactics, Techniques, and Procedures) to cloud control surfaces and turn insights into durable detection engineering roadmaps
  • Serve as principal technical authority during major cloud-related incidents, providing expert guidance on identity compromise, lateral movement, key/material theft, resource manipulation, and multi-cloud attack paths
  • Formalize standards for cloud investigations, including telemetry requirements, visibility gaps, and automated triage workflows
  • Drive post-incident cloud hardening by influencing product teams, studio engineering, and platform owners
  • Architect and implement automation for detection deployment, evidence collection, containment, and remediation using Azure Functions, Logic Apps, and modern SOAR patterns
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy