CrawlJobs Logo
Ryanair - Europe's Favourite Airline Logo Ryanair - Europe's Favourite Airline · IT - Software Development

Information Security Engineer – Cyber Threat Detection & Response

Poland, Wroclaw Employment contract · Job Posted February 16, 2026
Apply Position
Job Link Share

Job Description

Ryanair Labs are currently recruiting for a Information Security Engineer – Cyber Threat Detection & Response to join Europe’s Largest Airline Group! This is a very exciting time to join Ryanair as we look to expand our operation to 800 aircraft and 300 million guests within the next 10 years. Ryanair Labs is the technology brand of Ryanair. Labs is a state of-the-art digital & IT innovation hub creating Europe’s Leading Travel Experience for our customers. The Role: We are seeking an experienced Senior Threat Detection & Response Engineer to join our cybersecurity team supporting a fast-paced, cost-sensitive airline environment. The ideal candidate has a strong technical background in detection engineering, incident response and computer forensics. You will be responsible for developing actionable detections, responding to security incidents, and producing insightful KPI reports to support decision-making and regulatory compliance.

Job Responsibility

  • Develop and tune threat detection rules across SIEM, EDR, and cloud environments
  • Lead containment, eradication, and recovery efforts for cyber incidents
  • Create and maintain dashboards to track KPIs such as MTTD, MTTR, detection coverage, and investigation volume
  • Perform threat hunting based on current threat intelligence and adversary TTPs
  • Automate alert enrichment, triage, and response workflows using SOAR or scripting (Python/PowerShell)
  • Collaborate with IT, cloud, and compliance teams to enhance detection quality and response readiness
  • Contribute to documentation, playbooks, and continuous process improvement

Requirements

  • 6+ years in SOC, IR, or threat detection roles
  • Hands-on experience with SIEM (e.g., Microsoft Sentinel, Splunk), EDR (e.g., Defender, CrowdStrike)
  • Experience with Azure/AWS cloud security logs and detection use cases
  • Practical knowledge of MITRE ATT&CK
  • Ability to produce meaningful metrics and dashboards (e.g., Sentinel Workbooks, Power BI, Kibana)
  • Strong scripting skills (Python, PowerShell)
  • Clear communication skills across technical and non-technical stakeholders

Nice to have

  • Experience in aviation, logistics, or other regulated sectors
  • Familiarity with SOAR platforms
  • Certifications such as GCIA, GCIH, OSCP, or cloud security (AZ-500, AWS Security Specialty)
  • Understanding of NIS2 or EASA cybersecurity guidance

What we offer

  • Contract of employment (permanent after trial period)
  • Hybrid home office (2 days per week from the office, 3 days remote)
  • Discounted and unlimited travel to over 250 destinations
  • Multisport card
  • Private health care
  • Group insurance scheme
  • Possibility to take part in conferences, training and courses
  • Office located in the city center with a view for an Old Market Square
  • Annual events (i.e. St. Patrick’s Day)
  • Regular social meetings
  • Paid referral system
  • New office building surrounded by great dinettes right in the city centre
Ryanair - Europe's Favourite Airline - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Information Security Engineer – Cyber Threat Detection & Response

8 matching positions

Cyber Security Engineer

Darumatic is an IT Consultancy and Recruitment Services Company that focuses on ...
Location
Location
Australia , Canberra
Salary
Salary:
Not provided
darumatic.com Logo
Darumatic
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Character clearance, including a police check
  • Negative Vetting level 1
  • Political neutrality
  • Australian citizen
  • Experience using Sentinel or a similar SIEM solution is essential
  • In-depth familiarity with the Australian Government Information Security Manual
  • Experience with security technologies such as endpoint protection, firewalls and IDS/IPS
  • Extensive experience in Windows, Linux, networking and system administration
  • Experience with security services in the cloud (Azure or AWS)
Job Responsibility
Job Responsibility
  • Detection and coordination of incident response to threats, both foreign and domestic, against critical electoral systems
  • Augmenting the existing operations team to assist in uplifting the existing capability
  • Maintenance of cyber security monitoring and analysis toolsets
  • Taking a lead role in the build of the cyber security architecture through consultation with client's internal teams to secure this architecture
  • Working primarily in the office
  • Ability to work shifts as required in response to cyber security incident, and also to support electoral events at key periods (e.g. close of rolls, polling day)
Read More
Arrow Right

Information Security Engineer

Responsible for maintaining the integrity and security of enterprise-wide cyber ...
Location
Location
United States , Reston
Salary
Salary:
Not provided
ltconsultingllc.net Logo
LT Consulting
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active TS/SCI clearance
  • Bachelor’s degree in Computer Science, Engineering or a related field
Job Responsibility
Job Responsibility
  • Maintaining the integrity and security of enterprise-wide cyber systems and networks
  • Supporting cyber security initiatives through both predictive and reactive analysis, articulating emerging trends to leadership and staff
  • Coordinating resources during enterprise incident response efforts, driving incidents to timely and complete resolution
  • Employing advanced forensic tools and techniques for attack reconstruction, including dead system analysis and volatile data collection and analysis
  • Supporting internal HR/Legal/Ethics investigations as forensic subject matter expert
  • Performing network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output as it pertains to the cyber security of communications networks
  • Reviewing threat data from various sources and develops custom signatures for Open Source IDS or other custom detection capabilities
  • Correlating actionable security events from various sources including Security Information Management System (SIMS) data and develops unique correlation techniques
  • Utilizing understanding of attack signatures, tactics, techniques and procedures associated with advanced threats
  • Developing analytical products fusing enterprise and all-source intelligence
Read More
Arrow Right

Cyber Security Engineer

We are looking for someone dynamic who can quickly adapt to new challenges and f...
Location
Location
Portugal , Lisbon
Salary
Salary:
Not provided
miniclip.com Logo
Miniclip
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 1 year of experience in SOC or similar cybersecurity role with exposure to advanced threat detection and analysis
  • Background in Computer Science, Information Technology, or a related field
  • Proficiency in SIEM platforms (e.g., Sentinel, Splunk, QRadar) and writing custom correlation rules
  • Hands-on experience conducting: Technical Software Security Risk Assessments
  • Vulnerability Assessments in web and/or mobile applications, and Physical and Wireless penetration testing
  • Document and report incidents/assessments/findings
  • Understanding of cybersecurity standards and frameworks (e.g., ISO27001, NIST, NIS2, OWASP)
  • Availability for work outside of regular hours on short notice to handle emergencies
  • A social and hard-working candidate who thrives in a team environment and is passionate about their work
  • Solid understanding of cyber security best practices and frameworks
Job Responsibility
Job Responsibility
  • Incident handling: Identifying, triaging, and investigating potential security incidents
  • Systems Administration: Understanding system internals and implementing effective countermeasures and remediation strategies on different operating systems
  • Computer Forensic Analysis: Possessing a background in utilizing diverse forensic analysis tools during incident response investigations to assess the scope and depth of compromise
  • Vulnerability Assessment: Review and validate vulnerability reports collected by our systems working closely with cross-functional core/development teams to prioritize and facilitate the remediation of identified vulnerabilities in a timely manner
  • Reporting and documentation: Develop and maintain accurate records of all the incidents, vulnerability reports, assessments, remediation efforts, ensuring clear documentation of findings and resolutions
  • Awareness: Promote security awareness within the organization by conducting training sessions, sharing insights on emerging threats, and fostering a culture of security consciousness
  • Threat Hunting: Performing proactive threat hunting across the group
  • Physical Security: Availability to travel through our different studios to identify physical vulnerabilities and propose remediation measures
Read More
Arrow Right

Gaming Principal, Cloud Threat Detection & Incident Response Engineer

We are seeking a Gaming Principal, Cloud Threat Detection & Incident Response En...
Location
Location
United States , Multiple Locations
Salary
Salary:
139900.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
Job Responsibility
Job Responsibility
  • Architect and drive Gaming’s cloud-first detection and response vision by integrating Azure, AWS, and GCP (Google Cloud Platform) native security services and telemetry sources into TDIR (Threat Detection, Investigation, and Response) workflows
  • Lead adoption and optimization of Microsoft Defender for Cloud, Sentinel, Entra ID security, Defender for Cloud Apps, and other cloud-native security controls
  • Establish standards and reference architectures for cloud telemetry ingestion, normalization, enrichment, and threat analytics across diverse studio environments
  • Build and maintain high-fidelity, cloud-native detections targeting threat actors across identity, SaaS, PaaS, IaaS, and Kubernetes environments
  • Develop behavioral detections leveraging KQL (Kusto Query Language), automation, analytics, and ML-assisted methodologies
  • Partner with threat intelligence to map adversary TTPs (Tactics, Techniques, and Procedures) to cloud control surfaces and turn insights into durable detection engineering roadmaps
  • Serve as principal technical authority during major cloud-related incidents, providing expert guidance on identity compromise, lateral movement, key/material theft, resource manipulation, and multi-cloud attack paths
  • Formalize standards for cloud investigations, including telemetry requirements, visibility gaps, and automated triage workflows
  • Drive post-incident cloud hardening by influencing product teams, studio engineering, and platform owners
  • Architect and implement automation for detection deployment, evidence collection, containment, and remediation using Azure Functions, Logic Apps, and modern SOAR patterns
  • Fulltime
Read More
Arrow Right

Principal Security Operations Engineer

Microsoft Specialized Clouds Security Fundamentals team is responsible for secur...
Location
Location
United States , Redmond
Salary
Salary:
139900.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
Job Responsibility
Job Responsibility
  • Data-Driven Analysis
  • Red/Purple Team Operations
  • Automation
  • Collaboration
  • Customer/Partner Experience
  • Monitoring and Detection
  • Security Incident Response
  • Translate Security Policy and Standards into Effective Controls
  • Identification and Detection of Control Failures
  • Threat Intelligence and Analysis
  • Fulltime
Read More
Arrow Right

Principal Security Operations Engineer - Systems Architect

The Cloud & AI organization accelerates Microsoft’s mission and ambitions to ens...
Location
Location
United States , Redmond
Salary
Salary:
139900.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements are required for this role
  • These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
Job Responsibility
  • Own the TCB security architecture: threat model key trust boundaries, define target states, and codify compensating controls
  • Lead risk identification & key results frameworks: quantify breach paths, set objective success criteria, and measure risk residuals
  • Architect isolation patterns (identities, secrets, network paths, compute/storage seams) and drive enforcement with engineering owners
  • Design telemetry baselines and validation loops (coverage, quality, retention) to support operations, and close gaps with productized pipelines
  • Run burndown campaigns: prioritize work, produce decision docs, sequence mitigations, and hold the line on SLAs
  • Fulltime
Read More
Arrow Right

Telemetry Operations Leader

The Telemetry Operations Leader drives the operational backbone of the Telemetry...
Location
Location
United States , Multiple Locations
Salary
Salary:
139900.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response OR equivalent experience
  • Candidates must be able to meet Microsoft, customer and/or government security screening requirements are required for this role
  • Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
Job Responsibility
  • Own day-to-day operations for telemetry access, brokering, curation, and monitoring, ensuring the function consistently meets SLA/SLO targets and service expectations across clouds, tenants, and data types
  • Maintain and evolve predictable access pathways, reducing friction points and handoffs for analysts and engineers
  • Drive operational excellence through structured inspection rhythms, backlog transparency, and standardization of request types and service catalog items
  • Oversee the end‑to‑end intake → triage → greenlight → delivery pipeline for telemetry requests, ensuring the highest‑impact datasets and access paths are prioritized
  • Partner with upstream service teams to broker access accurately, escalate gaps, and drive engineering follow‑through when generation is required
  • Ensure prioritization decisions are transparent, value‑driven, and communicated broadly across the cyber defense ecosystem
  • Lead the development and operationalization of monitoring frameworks for telemetry coverage, data freshness, critical failures, and dependency health
  • Own dashboards and reporting for service health, cycle time, request volumes, SLA adherence, and failure clusters
  • Ensure rapid escalation paths for critical telemetry failures to technical owners
  • Systematize the operating model for data discovery, access, brokering, and curation
  • Fulltime
Read More
Arrow Right

Security Operations Engineering IC4

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions t...
Location
Location
United States , Redmond
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check
  • Citizenship & Citizenship Verification
Job Responsibility
Job Responsibility
  • Perform cyber defense incident and/or vulnerability triage to determine scope, urgency, and potential risk impact
  • Make high-stake decisions that enable expeditious remediation of risk to protect customers and Microsoft
  • Track and document cyber defense incidents from initial escalation through final resolution
  • Provide tactical security decisions and coordinate enterprise-wide cyber defenders to resolve incidents
  • Send timely and clear executive updates explaining the risk to customers and Microsoft
  • Advise and validate customer notifications and/or authoritative security guidance for customers
  • Conduct incident analysis, produce reports, and briefs informing threat landscape trends and future investment areas to improve security
  • Fulltime
Read More
Arrow Right