At a Glance
- Tasks: Develop and maintain threat detections across security platforms.
- Company: Join a dynamic Cyber Security team focused on innovative detection solutions.
- Benefits: Enjoy flexible work options, competitive pay, and opportunities for professional growth.
- Why this job: Make a real impact in cyber security while working with cutting-edge technology.
- Qualifications: 3+ years in security operations or detection engineering; proficiency in query languages required.
- Other info: Engage in exciting purple team exercises to enhance your skills.
The predicted salary is between £36,000 and £60,000 per year.
We are looking for a skilled Detection Engineer to join our Cyber Security team. In this role, you will be responsible for developing and maintaining high-fidelity threat detections across our security platforms. You’ll work at the intersection of threat intelligence, telemetry and security operations to build scalable, reliable and effective detection capabilities.
Key Responsibilities
- Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms.
- Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance.
- Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness.
- Use Detection-as-Code principles to manage detection rules via version control, CI/CD pipelines and automated testing frameworks.
- Reduce false positives through tuning, enrichment and contextual awareness.
Skills
- 3+ years of experience in security operations, detection engineering, threat hunting, or a related Cyber Security field.
- Proficiency in query languages such as SPL (Splunk) or KQL (Microsoft Sentinel and Defender), and in the vendor-neutral Sigma rule format that converts to them, or similar.
- Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic), EDR tools (e.g. CrowdStrike, SentinelOne), and/or cloud-native security services (e.g. AWS GuardDuty, GCP Chronicle).
- Ability to create and iterate on detection content (e.g. SIEM rules, correlation searches and detection-as-code signatures) to proactively identify malicious behaviour, improve threat visibility and reduce false positives.
- Familiarity with the MITRE ATT&CK framework and the threat detection lifecycle.
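The Key Responsibilities (Detection-as-Code, ATT&CK-aligned rules, false-positive tuning) and the Skills above (Sigma-style detection content tested and iterated on) both describe the same workflow, so here is one worked example of it. This is an added illustration, not RiverSafe's code or a real Sigma engine: the rule, the process-creation events and the management-agent exclusion are constructed for the example, and the matcher implements only the Sigma-like subset it needs (selection and filter maps, the `contains` and `endswith` modifiers, case-insensitive matching, and the fixed condition `selection and not filter`).

```python
"""Detection-as-Code in miniature: one Sigma-style rule, the fixtures that prove
it, and the check a CI job would run before deploying it.

Added illustration, not RiverSafe's code or a real Sigma engine. The rule, the
log events and the parent-process exclusion are constructed for the example; the
matcher supports only the Sigma-like subset it needs (selection and filter maps,
the 'contains' and 'endswith' modifiers, case-insensitive matching, and the fixed
condition 'selection and not filter').
"""
from __future__ import annotations

# The rule is data, so it is reviewed, versioned and tested like any other code.
# ATT&CK mapping: T1059.001 (Command and Scripting Interpreter: PowerShell).
RULE = {
    "title": "Encoded PowerShell command line (hypothetical rule)",
    "tags": ["attack.execution", "attack.t1059.001"],
    "logsource": {"category": "process_creation", "product": "windows"},
    "detection": {
        "selection": {
            "Image|endswith": ["\\powershell.exe", "\\pwsh.exe"],
            "CommandLine|contains": ["-enc ", "-encodedcommand "],
        },
        # Tuning: an assumed, known-good management agent launches encoded
        # commands by design; excluding it removes a recurring false positive.
        "filter": {"ParentImage|endswith": "\\mgmt-agent.exe"},
        "condition": "selection and not filter",
    },
    # Expected outcome per fixture, committed next to the logic it protects.
    "tests": [
        {"name": "encoded_powershell_from_cmd", "event": "evt-1", "expect": True},
        {"name": "plain_script_run_is_clean", "event": "evt-2", "expect": False},
        {"name": "management_agent_is_tuned_out", "event": "evt-3", "expect": False},
        {"name": "non_powershell_binary_is_clean", "event": "evt-4", "expect": False},
    ],
}

# Constructed process-creation events (Sysmon/EDR-style field names), not real telemetry.
SAMPLE_EVENTS = [
    {"id": "evt-1",
     "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "CommandLine": "powershell.exe -NoP -W Hidden -enc SQBFAFgA",
     "ParentImage": "C:\\Windows\\System32\\cmd.exe"},
    {"id": "evt-2",
     "Image": "C:\\Program Files\\PowerShell\\7\\pwsh.exe",
     "CommandLine": "pwsh.exe -File health.ps1",
     "ParentImage": "C:\\Windows\\explorer.exe"},
    {"id": "evt-3",
     "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "CommandLine": "powershell.exe -EncodedCommand ZwBjAGkA",
     "ParentImage": "C:\\Program Files\\Vendor\\mgmt-agent.exe"},
    {"id": "evt-4",
     "Image": "C:\\Windows\\System32\\notepad.exe",
     "CommandLine": "notepad.exe -enc notes.txt",
     "ParentImage": "C:\\Windows\\explorer.exe"},
]


def _field_matches(event: dict, key: str, expected) -> bool:
    """Evaluate one 'Field|modifier': value(s) entry; a list of values is OR-ed."""
    field, _, modifier = key.partition("|")
    value = str(event.get(field, "")).lower()
    wanted = [str(w).lower() for w in (expected if isinstance(expected, list) else [expected])]
    if modifier == "contains":
        return any(w in value for w in wanted)
    if modifier == "endswith":
        return any(value.endswith(w) for w in wanted)
    if modifier == "":
        return value in wanted
    raise ValueError(f"unsupported modifier: {modifier!r}")


def _block_matches(event: dict, block: dict) -> bool:
    """All entries of a selection/filter map must hold (Sigma AND semantics)."""
    return all(_field_matches(event, k, v) for k, v in block.items())


def rule_matches(rule: dict, event: dict) -> bool:
    det = rule["detection"]
    if det["condition"] != "selection and not filter":
        raise ValueError("this mini-engine only supports 'selection and not filter'")
    return _block_matches(event, det["selection"]) and not _block_matches(event, det["filter"])


def run_detection(rule: dict, events: list[dict]) -> list[str]:
    """Return the ids of events the rule fires on, as a SIEM search would."""
    return [e["id"] for e in events if rule_matches(rule, e)]


def run_rule_tests(rule: dict, events: list[dict]) -> dict[str, bool]:
    """The CI gate: every committed fixture must give the outcome the author recorded."""
    by_id = {e["id"]: e for e in events}
    return {t["name"]: rule_matches(rule, by_id[t["event"]]) == t["expect"] for t in rule["tests"]}


if __name__ == "__main__":
    results = run_rule_tests(RULE, SAMPLE_EVENTS)
    for name, ok in results.items():
        print(f"{'PASS' if ok else 'FAIL'} {name}")
    print("hits:", run_detection(RULE, SAMPLE_EVENTS))
    raise SystemExit(0 if all(results.values()) else 1)
```

The point of keeping `tests` inside the rule is that a later tuning change (say, someone removes the `filter` block to "catch more") fails the management-agent fixture in CI before it ever reaches the SIEM, and a regression on the true-positive fixture fails just as loudly. In a real pipeline the same rule file would be converted to SPL or KQL with a Sigma converter and deployed only after this step passes.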
Cyber Security Detection Engineer employer: RiverSafe
Contact Detail:
RiverSafe Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Cyber Security Detection Engineer
✨Tip Number 1
Familiarise yourself with the MITRE ATT&CK framework, as it's crucial for this role. Understanding how to align your detection logic with this framework will not only enhance your knowledge but also demonstrate your expertise during interviews.
✨Tip Number 2
Engage in purple team exercises or simulations if you can. This hands-on experience will help you understand the dynamics of threat detection and response, making you a more attractive candidate for our Cyber Security team.
✨Tip Number 3
Showcase your proficiency in query languages like SPL or KQL through practical examples. Being able to discuss specific instances where you've used these languages to develop detection rules will set you apart from other candidates.
✨Tip Number 4
Stay updated on the latest trends and tools in Cyber Security, especially regarding SIEM and EDR platforms. Demonstrating your knowledge of current technologies and practices will show us that you're proactive and passionate about the field.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in security operations, detection engineering, and threat hunting. Use specific examples that demonstrate your proficiency with SIEM platforms and query languages like SPL or KQL.
Craft a Strong Cover Letter: In your cover letter, express your passion for cyber security and detail how your skills align with the responsibilities of the Detection Engineer role. Mention your familiarity with frameworks like MITRE ATT&CK and your experience in reducing false positives.
Showcase Relevant Projects: If you have worked on projects involving Detection-as-Code principles or threat modelling, be sure to include these in your application. Highlight any contributions to CI/CD pipelines or automated testing frameworks.
Proofread Your Application: Before submitting, carefully proofread your application for any spelling or grammatical errors. A polished application reflects your attention to detail, which is crucial in the field of cyber security.
How to prepare for a job interview at RiverSafe
✨Showcase Your Technical Skills
Be prepared to discuss your experience with query languages like SPL or KQL. Bring examples of detection logic you've developed and be ready to explain how you tuned them for accuracy.
✨Understand the MITRE ATT&CK Framework
Familiarise yourself with the MITRE ATT&CK framework, as it’s crucial for this role. Be ready to discuss how you've applied it in past projects and how it can enhance threat detection.
✨Demonstrate Problem-Solving Abilities
Prepare to talk about specific challenges you've faced in detection engineering. Highlight your approach to threat modelling and how you’ve improved detection effectiveness through innovative solutions.
✨Emphasise Collaboration Skills
Since you'll be working closely with security operations and threat intelligence teams, share examples of how you've successfully collaborated in the past. Discuss any purple team exercises you've participated in to showcase your teamwork.