Detection Engineer

We’re looking for a curious, motivated Detection Engineer to join our growing Information Security team. If you love learning, enjoy solving problems, and want to work with modern cloud‑first security tools, this is a brilliant opportunity to grow your skills and make a real impact. This isn’t a traditional SOC role. At Our Future Health, the “boring bits” of the SOC are outsourced, leaving you with the exciting, high‑impact work that shapes how we detect and respond to threats at scale. You’ll collaborate closely with our inhouse Threat team and our outsourced SOC partner, building unique detection capabilities that go beyond just SIEM detections, all to help us stay ahead of attackers across a cutting‑edge cloud environment. If you’re excited by Microsoft security tools, and the idea of helping shape how a national‑scale programme detects threats, we’d love to hear from you.

At Our Future Health, our mission is to transform the prevention, detection and treatment of conditions such as dementia, cancer, diabetes, heart disease and stroke. If you want your work to contribute to something meaningful, this is the place to grow your career.

What you’ll be doing:

• Developing and improving threat‑led detections using Microsoft Sentinel and KQL.
• Working with our threat team and outsourced SOC to tune and maintain our detection rules.
• Supporting the configuration and tuning of Microsoft Purview tools such as DLP and Insider Risk Management.
• Leveraging cloud‑native log sources (Azure, Kubernetes, SaaS apps) to spot suspicious activity.
• Helping create dashboards and reports using Sentinel workbooks.
• Documenting processes, detections, and configurations so our security operations stay consistent and high‑quality.
• Collaborating with engineers and analysts across the tech team to ensure our systems are monitored effectively.

What you won’t be doing:

• Working in a siloed environment with no freedom to make decisions.
• Working in a place where you can’t see the impact your expertise makes.

We’re open to applicants who are earlier in their careers or looking to re‑specialise; you don’t need prior detection engineering experience to be considered. We require a basic understanding of cyber security and some entry‑level scripting or programming ability. You should also be comfortable exploring and making sense of complex datasets. Most importantly, you should be ready to learn quickly and build the skills needed for the role.

Ideally, you will already be able to demonstrate some of the following skills and experience:

• Experience writing KQL (or writing other scripting/programming/query languages).
• Hands‑on exposure to Microsoft Sentinel or similar SIEM tools.
• Familiarity with Microsoft Defender products (Defender for Endpoint / O365).
• Understanding of Azure or other cloud platforms.
• Interest in attacker behaviours, TTPs, and frameworks like MITRE ATT&CK.
• Knowledge of statistics, data science and AI/ML, in particular when applied to cyber security, would be a bonus.
• A collaborative mindset and desire to grow in a fast‑paced security team.
• Relevant certifications (Security+, SC‑200, AZ‑500 etc.) are helpful but not essential.

Salary and Benefits:

• Salary from £35,000 per annum.
• Generous Pension Scheme – We invest in your future with employer contributions of up to 12%.
• 30 Days Holiday + Bank Holidays – Enjoy a generous holiday allowance with the flexibility to take bank holidays when it suits you.
• Enhanced Parental Leave – Supporting you during life’s biggest moments.
• Cycle to Work Scheme – Save 25-39% on a new bike and accessories through salary sacrifice.
• Home & Tech Savings – Get up to 8% off on IKEA and Currys products, spreading the cost over 12 months through salary sacrifice.
• £1,000 Employee Referral Bonus – Know someone amazing? Get rewarded for bringing them on board!
• Wellbeing Support – Access to Mental Health First Aiders, plus 24/7 online GP services and an Employee Assistance Programme for you and your family.
• A Great Place to Work – We have a lovely Central London office in Holborn, and offer flexible and remote working arrangements.

At Our Future Health, we recognise the importance of having a diverse workforce and ensuring that all candidates, regardless of their background, have equitable access to our application process. We proactively encourage applicants who identify as having a disability, neurodiversity, or long‑term health conditions to let us know if they require any reasonable adjustments as part of their application process. If you do require any reasonable adjustments, please email us at talent@ourfuturehealth.org.uk.