Detection Engineer

Posted 18 January 2024
Job type Permanent
Discipline Cyber Defence
Contact Name Charlee Ryman

Job description

Trident Search have partnered with a company that prides itself on being ahead of the curve in cyber security. The client works in the financial sector, so it is vital that they remain at the forefront of the industry to protect their clients' data and funds.
They are looking for an autonomous detection engineer to join their global team. The role is a rare opportunity to break tools, fix them, build detections, work incidents and keep developing your coding skills. In practice, your day will be split between security analytics (working incidents and closing them out), building detections by hand across a wide variety of tools, and researching the latest tools in the industry to understand how they work and whether they would be of use to the business.
This role will require you to be based in the London office five days per week.
  • Develop, tune and deploy detections and rules to detect and prevent threats.
  • Review and analyse logging and telemetry to support risk and detection capabilities.
  • Hunt for sophisticated threats and adversaries.
  • Process, digest and action threat intelligence reports and updates on the current security landscape.
  • Research attacker TTPs and convert them into detections across a number of tools and languages.
  • Contribute to and develop the client's detection-as-code ecosystem to speed up analysis processes and increase detection fidelity.
  • Work with various business units to gain a better understanding of internal networks, and use that understanding to hunt for threats.

• Bachelor's degree in Computer Engineering, Computer Science or a related field.
• 3-5+ years of experience working in security operations, maintaining an endpoint security toolset.
• Strong interpersonal communication skills, both written and oral.
• Experience conducting analysis of media, packet captures, logs and network devices.
• Experience with the Python programming language.
• Experience working in a security or network operations centre.
If you feel that you are autonomous enough to tackle this role, then please do reach out for more information.