At a Glance
- Tasks: Lead a global team to enhance detection logic for advanced cyber security.
- Company: Dynamic cyber services firm with a focus on innovation and collaboration.
- Benefits: Flexible working, enhanced holiday allowance, and comprehensive well-being initiatives.
- Other info: Join a high-performance culture with excellent career growth opportunities.
- Why this job: Make a real impact in cyber security while leading a diverse, global team.
- Qualifications: Experience in detection engineering and strong leadership skills required.
The predicted salary is between £80,000 and £100,000 per year.
The purpose of this role is to lead a global team that builds, maintains and continuously improves detection logic across a variety of MXDR technologies, according to a clear strategy that is regularly updated to meet market and client demands. The global team will be made up of regionally located colleagues (UK, NL, AU & PH) who all contribute to a global set of detection logic, custom detections for clients and structural improvement projects around these themes. The Head of Global Detection Engineering will be responsible for ensuring market-leading detection coverage on the technologies we deploy as part of our MXDR services. They ensure that we detect high-risk cyber attack techniques, resulting in high-fidelity detections at our clients with low false positive ratios.
A key part of the role is engaging and collaborating with other leaders in the GMS and NCC business, to ensure that we achieve the following key ambitions:
- Develop new detection logic to contribute to Detection Engineering content repository.
- Continuously improve existing detection logic.
- Write and maintain detection test cases.
- Review findings of TI, CERT, and Red Team activities and evaluate from a detection engineering improvement perspective.
Key Responsibilities
- Lead a global implementation team that builds, maintains and continuously improves detection logic across a variety of MXDR technologies.
- Be part of the GMS DevSecOps leadership team and actively contribute to setting vision, direction and feature set of our technology platforms.
- Ensure that our detection logic is a differentiator in the market, providing extensive and high quality coverage for advanced cyber attacks.
- Manage senior detection engineers who each manage a number of detection engineers on a specific technology set (EDR, NDR, SIEM).
- Work proactively with wider NCC teams to ensure all relevant inputs are available (TI, DFIR, RTO, etc.) to build top-notch detection logic and to ensure other teams (like solution architecture and implementations) have the required information to deploy high-quality MXDR systems with the best possible coverage.
- Ensure that we can always provide transparency to clients about the detection coverage they receive.
- Ensure that we develop new ways of applying data science to our vast data sets in order to further improve detection of cyber attacks, correlation of alerts and other efficiencies and improvements that provide improved coverage to clients and improved efficiency to our SOC.
Skills, Knowledge & Expertise
- Experience in detection engineering on a range of technologies (SIEM and EDR, ideally NDR as well).
- Experience in working in a global firm in a multi-cultural context.
- Experience in working in a complex international environment that is subject to a significant amount of change.
- Excellent oral and written communication skills.
- Ability to work with clients and NCC colleagues to continuously improve the service we deliver.
- Experience with and knowledge of application of data science within a cyber security context.
- Inspiring leader, with ability to communicate effectively at all levels, creating an approachable and supportive environment for colleagues.
Desirable skills
- Hands-on experience with a variety of the technologies we use: Sentinel, Defender for Endpoint, Carbon Black, Splunk, etc.
- Experience with purple teaming and other adjacent cyber security practices/topics that strengthen detection engineering.
- Forensics and/or incident response experience.
Job Benefits
We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits:
- Flexible Working: Balance your work and personal life with our flexible working options.
- Enhanced Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave.
- Medicash & Critical Illness Scheme.
- Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme.
- Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities.
- Green Car Scheme: Drive green and save money with our eco-friendly car scheme.
- Cycle Scheme: Stay fit and healthy with our cycle-to-work scheme.
- Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet.
- Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
AD - Global Detection Engineering employer: NCC Group plc
As a leader in the Cyber Services and Capabilities sector, our company offers an exceptional work environment in London, where innovation meets collaboration. We prioritise employee well-being with flexible working options, generous holiday allowances, and comprehensive financial benefits, all while fostering a culture of growth and support. Join us to be part of a global team that not only excels in detection engineering but also values community engagement and personal development.
StudySmarter Expert Advice🤫
We think this is how you could land AD - Global Detection Engineering
✨Get Involved in the Cybersecurity Community
Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!
✨Show Off Your Skills with Capture the Flag Competitions
Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including NCC Group plc, love seeing candidates who actively engage in these challenges.
✨Tailor Your Online Presence
Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!
✨Apply Directly Through NCC Group plc
Don’t forget to head straight to our website and check out any openings for cybersecurity roles at NCC Group plc. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.
Some tips for your application 🫡
Show off your technical skills: In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!
Tailor your portfolio for the role: Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!
Use real-world examples: When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at NCC Group plc insight into your practical problem-solving abilities and makes your application memorable.
Demonstrate your passion for cybersecurity: Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to NCC Group plc that you’re committed to staying ahead in the game.
How to prepare for a job interview at NCC Group plc
✨Sharpen Your Technical Skills
For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set you apart in interviews.
✨Prepare for Scenario-Based Questions
Expect the interviewers at NCC Group plc to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.
✨Highlight Your Certifications
Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at NCC Group plc.
✨Show Your Passion for Cybersecurity
Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.