Senior Security Engineer - Detection & Response - EU/UK

Senior Security Engineer - Detection & Response - EU/UK

Full-Time 60000 - 80000 £ / year (est.) Working from home possible
T

At a Glance

  • Tasks: Investigate security incidents and proactively monitor for cyber threats in a dynamic environment.
  • Company: Join Marqeta, a leading fintech company with a commitment to innovation and inclusivity.
  • Benefits: Enjoy premium medical coverage, generous time off, equity options, and remote work support.
  • Other info: Opportunity to mentor junior professionals and contribute to a diverse workplace.
  • Why this job: Make a real impact in cybersecurity while developing your skills in a supportive team.
  • Qualifications: 5+ years in security operations with expertise in incident response and threat hunting.

The predicted salary is between 60000 - 80000 £ per year.

We are seeking a UK-based Senior Security Engineer to join our Security Operations and Response Team as a senior individual contributor. In this role, you will investigate and respond to security incidents across Marqeta’s environment, proactively monitor for cyber threats, and serve as incident commander during security events of varying severity. You will contribute to the development and improvement of response methodologies aligned with the NIST Incident Response Lifecycle and help maintain cybersecurity incident response documentation. This position requires strong expertise in incident response, digital forensics, threat hunting, and security monitoring technologies. You will collaborate across teams, contribute to detection engineering efforts, and participate in 24x7 on‑call rotations. The role reports to the Manager of Security Operations and Response. This role can be performed remotely anywhere in the UK, or from our London, UK office.

Impact You’ll Have

  • Proactively monitor Marqeta’s environment for cyber threat activity and manage day‑to‑day security alerts through timely analysis, triage, and appropriate response actions.
  • Serve as incident commander during security events, directing investigation strategies and coordinating cross‑functional response efforts.
  • Execute incident response activities aligned with the NIST Incident Response Lifecycle to detect, contain, eradicate, recover, and learn from cybersecurity incidents.
  • Contribute to the maintenance and improvement of the Cybersecurity Incident Response Plan (CIRP), playbooks, runbooks, and standard operating procedures to ensure consistent and effective response operations.
  • Participate in 24x7x365 on‑call rotations, providing skilled guidance during security incidents and contributing to thorough post‑incident reviews.
  • Research threat intelligence sources and contribute to hypothesis‑driven threat hunting initiatives to uncover threats in corporate and production environments.
  • Work closely with Security Engineering to tune security solutions, enhance detection capabilities, and leverage business knowledge to improve security monitoring.
  • Design, develop, and maintain detection logic using a detections‑as‑code approach, collaborating with Security Solution Engineering to deploy detections through CI/CD pipelines into our SIEM and EDR platforms.
  • Contribute to detection coverage mapped to MITRE ATT&CK framework, identifying gaps in visibility and supporting detection development prioritization based on threat intelligence and business risk.
  • Coordinate with HR, law enforcement, response retainers, and cyber insurers as required, including support on cyber‑crime financial fraud use cases.
  • Support the development of less‑experienced security team members through knowledge sharing, pair investigations, and leading by example.
  • Partner with Fraud, Compliance, and Risk teams on security events involving payment systems, cardholder data, or regulatory reporting obligations under PCI DSS and related frameworks.

Who You Are

  • 5+ years of hands‑on experience in security operations with strong expertise in incident response, digital forensics, and threat hunting.
  • Experience serving as an incident commander or leading incident response workstreams, with the ability to make sound decisions under pressure.
  • Strong knowledge of the NIST Incident Response Lifecycle and experience contributing to incident response documentation and procedures.
  • Proficiency with security monitoring and forensic tools including EDR, SIEM, and SOAR systems.
  • Experience developing detections‑as‑code, including familiarity with version control, CI/CD pipelines, and detection testing frameworks.
  • Working knowledge of MITRE ATT&CK and experience using it to assess detection coverage and map threat actor TTPs.
  • Experience contributing to post‑incident reviews and implementing security improvements based on lessons learned.
  • Solid understanding of threat actor TTPs and ability to apply threat intelligence to enhance detection and response capabilities.
  • Experience tuning security solutions and developing automation workflows to improve monitoring effectiveness and response efficiency.
  • Working knowledge of AWS cloud services and securing cloud environments.
  • Ability to effectively communicate with technical and non‑technical stakeholders during security incidents and investigations.
  • Experience in payment processing, fintech, or other highly regulated environments; familiarity with PCI DSS incident handling requirements a plus.
  • Proven ability to work independently while demonstrating sound judgment about when to engage team members or elevate issues.
  • Willingness to mentor and support the growth of junior security professionals in incident response techniques.

Benefits

  • Premium Private Medical and Dental coverage.
  • Generous time off program with additional “Floating Holiday days.”
  • Retirement savings program with company contribution.
  • Equity in a publicly‑traded company and an Employee Stock Purchase Program.
  • Monthly stipend to support our remote work model.
  • Annual development stipend to support our people's growth and development.
  • Family‑forming benefits and up to 20 weeks of Parental Leave.
  • Wellbeing programs (e.g., Modern Health, HealthKick and more).

Marqeta is an equal opportunity employer committed to an inclusive workplace that fosters belonging. We do not discriminate based on race, color, religion, sex (including pregnancy, lactation, childbirth, or related medical conditions), veteran status or uniformed service member status, age, national origin or ancestry, citizenship or immigration status, physical or mental disability, gender identity, gender expression, sexual orientation, genetic information (including testing or characteristics) or any other characteristic protected by applicable law. We also consider qualified applicants with criminal histories, consistent with legal requirements. Marqeta endeavors to make reasonable accommodations for applicants with disabilities. Individuals requiring accommodation to submit this application, complete any pre‑employment testing, or otherwise participate in the selection process should submit a request detailing the specific accommodations needed.

Senior Security Engineer - Detection & Response - EU/UK employer: Triwill Group

Vercel is an exceptional employer that prioritises a culture of innovation and collaboration, making it an ideal place for leaders in the tech industry. With a competitive compensation package, flexible time off, and ample opportunities for mentorship and professional growth, employees are empowered to excel in their roles while contributing to the cutting-edge development of web technologies. Located in London, Vercel offers a dynamic work environment that fosters creativity and supports a diverse workforce, ensuring that every team member can thrive and make a meaningful impact.

T

Contact Details:

Triwill Group Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Senior Security Engineer - Detection & Response - EU/UK

Get Involved in the Cybersecurity Community

Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!

Show Off Your Skills with Capture the Flag Competitions

Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including Triwill Group, love seeing candidates who actively engage in these challenges.

Tailor Your Online Presence

Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!

Apply Directly Through Triwill Group

Don’t forget to head straight to our website and check out any openings for cybersecurity roles at Triwill Group. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.

We think you need these skills to ace Senior Security Engineer - Detection & Response - EU/UK

Incident Response
Digital Forensics
Threat Hunting
Security Monitoring Technologies
NIST Incident Response Lifecycle
Cybersecurity Incident Response Plan (CIRP)
EDR

Some tips for your application 🫡

Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!

Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!

Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at Triwill Group insight into your practical problem-solving abilities and makes your application memorable.

Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to Triwill Group that you’re committed to staying ahead in the game.

How to prepare for a job interview at Triwill Group

Sharpen Your Technical Skills

For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.

Prepare for Scenario-Based Questions

Expect the interviewers at Triwill Group to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.

Highlight Your Certifications

Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at Triwill Group.

Show Your Passion for Cybersecurity

Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.