At a Glance
- Tasks: Lead a global team to enhance cybersecurity and innovate detection engineering.
- Company: Join WPP, a creative powerhouse transforming the marketing industry.
- Benefits: Enjoy a vibrant culture, hybrid work, and opportunities for growth.
- Why this job: Revolutionise cybersecurity in a dynamic environment with cutting-edge technology.
- Qualifications: Expertise in SIEM, automation, and strong leadership skills required.
- Other info: Collaborative atmosphere with passionate people driving extraordinary work.
The predicted salary is between 72000 - 108000 £ per year.
WPP is the creative transformation company. We use the power of creativity to build better futures for our people, planet, clients, and communities. Working at WPP means being part of a global network of more than 100,000 talented people dedicated to doing extraordinary work for our clients. We operate in over 100 countries, with corporate headquarters in New York, London and Singapore. WPP is a world leader in marketing services, with deep AI, data and technology capabilities, global presence and unrivalled creative talent. Our clients include many of the biggest companies and advertisers in the world, including approximately 300 of the Fortune Global 500.
Our people are the key to our success. We are committed to fostering a culture of creativity, belonging and continuous learning, attracting and developing the brightest talent, and providing exciting career opportunities that help our people grow.
WPP is at the forefront of the marketing and advertising industry's largest transformation. Our Global CIO is leading a significant evolution of our Enterprise Technology capabilities, bringing together over 2,500 technology professionals into an integrated global team. This team will play a crucial role in enabling the ongoing transformation of our agencies and functions.
Imagine shaping the cybersecurity landscape of a global powerhouse. As WPP's next Head of Detection Engineering & Response, you'll command a critical role, leading a global team to fortify our defenses with state-of-the-art detection, rapid incident management, and relentless threat hunting. This pivotal position is your chance to revolutionize our SOC, transitioning it into an Autonomic Security Operations (ASO) model. We're seeking a leader who can deliver an automation-first, intelligence-driven shield, fully aligned with the ambitious GCAT SOC10x principles, and fundamentally change how we protect WPP.
What you'll be doing:
- Design and implement high-fidelity detection logic across SIEM, EDR, NDR, and cloud-native platforms.
- Operationalize detection-as-code practices, including version control, automated testing, and continuous improvement.
- Collaborate with Threat Intelligence and manage Threat Hunting teams to integrate adversary TTPs into detection pipelines.
- Drive automation of alert triage and enrichment through SOAR playbooks.
- Ensure telemetry coverage across endpoints, networks, and cloud environments for comprehensive visibility.
- Own the end-to-end security incident response lifecycle: detection, containment, eradication, recovery, and lessons learned.
- Establish and enforce SOC processes, workflows, and playbooks for efficient incident handling.
- Coordinate with Legal, Privacy, and Risk teams during major incidents to ensure compliance and minimize business impact.
- Lead post-incident reviews and root cause analysis to strengthen detection and response capabilities.
- Develop and execute hypothesis-driven hunts leveraging MITRE ATT&CK and threat intelligence.
- Identify gaps in existing detection coverage and feed findings back into engineering pipelines.
- Use advanced analytics and machine learning models to uncover stealthy or emerging threats.
- Foster a proactive security culture by embedding hunting practices into daily operations.
Strategic Alignment to GCAT SOC10x:
- 10X People: Build a high-performing team with continuous learning and knowledge-sharing culture.
- 10X Process: Implement agile, automated workflows for detection and response.
- 10X Technology: Leverage AI/ML-driven detection models and cloud-scale telemetry ingestion.
- 10X Visibility: Achieve full-stack observability across hybrid environments.
- 10X Speed: Reduce Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) through automation and orchestration.
What you'll need:
- Deep knowledge of SIEM, SOAR, EDR, NDR, and cloud security platforms.
- Proficiency in scripting and automation (Python, PowerShell) and detection-as-code principles.
- Strong understanding of adversary tactics, techniques, and procedures (TTPs) and MITRE ATT&CK framework.
- Experience with threat intelligence integration and behavioral analytics.
- Proven track record of leading global SOC or Detection & Response teams in complex enterprise environments.
- Ability to define vision, strategy, and roadmaps for detection engineering and incident response.
- Skilled in stakeholder management and cross-functional collaboration (Legal, Risk, IT, DevOps).
- CISSP, GIAC GCFA/GCTI, or equivalent advanced security certifications.
- Automation-first mindset with a focus on scalability and resilience.
- Strong analytical and problem-solving skills.
- Excellent communication and leadership capabilities.
Who you are:
- You're open: We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views.
- You're optimistic: We believe in the power of creativity, technology and talent to create brighter futures for our people, our clients and our communities.
- You're extraordinary: We are stronger together: through collaboration we achieve the amazing.
What we'll give you:
- Passionate, inspired people – We aim to create a culture in which people can do extraordinary work.
- Scale and opportunity – We offer the opportunity to create, influence and complete projects at a scale that is unparalleled in the industry.
- Challenging and stimulating work – Unique work and the opportunity to join a group of creative problem solvers.
We believe the best work happens when we're together, fostering creativity, collaboration, and connection. That's why we've adopted a hybrid approach, with teams in the office around four days a week. If you require accommodations or flexibility, please discuss this with the hiring team during the interview process.
WPP is an equal opportunity employer and considers applicants for all positions without discrimination or regard to particular characteristics. We are committed to fostering a culture of respect in which everyone feels they belong and has the same opportunities to progress in their careers.
Head of Detection Engineering, London employer: WPP Media
Contact Detail:
WPP Media Recruiting Team
StudySmarter Expert Advice
We think this is how you could land Head of Detection Engineering, London
Tip Number 1
Network like a pro! Reach out to current or former employees at WPP on LinkedIn. A friendly chat can give you insider info and maybe even a referral, which can really boost your chances.
Tip Number 2
Prepare for the interview by diving deep into WPP's recent projects and initiatives. Show us that you're not just another candidate; you're genuinely interested in how you can contribute to their creative transformation.
Tip Number 3
Practice your storytelling skills! Be ready to share specific examples of your past experiences that align with the role. We want to hear how you've tackled challenges and led teams in detection engineering.
Tip Number 4
Don't forget to follow up after your interview! A quick thank-you email can leave a lasting impression and shows us that you're enthusiastic about the opportunity to join WPP.
We think you need these skills to ace Head of Detection Engineering, London
Some tips for your application
Tailor Your Application: Make sure to customise your CV and cover letter for the Head of Detection Engineering role. Highlight your experience with SIEM, EDR, and automation, and show how your skills align with WPP's vision for cybersecurity.
Showcase Your Leadership Skills: As a leader, it's crucial to demonstrate your ability to manage teams and drive strategic initiatives. Share examples of how you've successfully led detection and response teams in the past, and how you can bring that expertise to WPP.
Be Clear and Concise: When writing your application, keep it straightforward and to the point. Use clear language to convey your achievements and experiences, making it easy for us to see why you're the perfect fit for the role.
Apply Through Our Website: We encourage you to submit your application directly through our website. This ensures that your application is reviewed promptly and gives you the best chance to stand out in the process!
How to prepare for a job interview at WPP Media
Know Your Tech Inside Out
Make sure you're well-versed in SIEM, SOAR, EDR, and NDR platforms. Brush up on your scripting skills, especially in Python and PowerShell, as these will be crucial for the role. Being able to discuss specific examples of how you've implemented detection-as-code practices will really impress the interviewers.
Showcase Your Leadership Skills
WPP is looking for someone who can lead a global team effectively. Prepare to share your experiences in managing SOC or Detection & Response teams, focusing on how you've fostered a culture of continuous learning and collaboration. Highlight any successful projects where you defined vision and strategy.
Understand the Adversary Landscape
Familiarise yourself with adversary tactics, techniques, and procedures (TTPs) and the MITRE ATT&CK framework. Be ready to discuss how you've integrated threat intelligence into detection pipelines and how this has improved your previous organisation's security posture.
Emphasise Your Problem-Solving Mindset
WPP values analytical and problem-solving skills. Prepare to discuss specific challenges you've faced in detection engineering and how you approached them. Use examples that demonstrate your automation-first mindset and your ability to reduce Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR).