Detection Engineer - Cyber Security

Skills

• Expertise in detection engineering, security operations, or threat hunting.
• Strong experience with SIEM platforms (e.g., Splunk, Sentinel, Elastic).
• Proficiency in writing detection logic in query languages (e.g., SPL, KQL, Sigma).
• Familiarity with MITRE ATT&CK framework.
• Understanding of network, endpoint, cloud and identity-related attack vectors.
• Ability to handle and correlate large volumes of log data.

Role

• Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms.
• Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance.
• Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness.
• Use Detection-as-Code principles to manage detection rules via version control, CI/CD pipelines and automated testing frameworks.
• Reduce false positives through tuning, enrichment and contextual awareness.

*This role is hybrid and inside IR35*