
Senior Detection Engineer

RiverSafe Limited

Remote

GBP 50,000 - GBP 70,000

Full time

Today


Job summary

A cybersecurity firm is seeking a detection engineer to design and maintain detection content aligned with MITRE ATT&CK. The ideal candidate has strong experience with Microsoft Defender and is proficient in KQL and SPL. This role supports the full detection lifecycle and involves collaboration with teams to validate alert quality. While predominantly remote, occasional onsite travel is required. This position is also inside IR35.

Qualifications

  • Strong hands-on experience with Microsoft Defender products.
  • Proficiency in KQL and SPL for optimising query performance.
  • Experience with detection-as-code practices using version control.

Responsibilities

  • Design and develop detection content aligned to MITRE ATT&CK.
  • Build and optimise detection queries using KQL.
  • Support detection engineering lifecycle, including data onboarding and rule development.
  • Collaborate to validate alert quality and minimise false positives.

Skills

Microsoft Defender
KQL
SPL
GitHub
MITRE ATT&CK
Job description

Responsibilities

  • Design, develop and maintain robust detection content aligned to MITRE ATT&CK and threat-led priorities.
  • Build and optimise detection queries using KQL, applying efficiency and best practices in logic construction.
  • Support the full detection engineering lifecycle, including modelling, data onboarding, rule development, deployment, and iterative tuning.
  • Collaborate with SOC and threat intelligence teams to validate alert quality, minimise false positives, and ensure operational relevance.

Skills

  • Strong hands-on experience with Microsoft Defender (Endpoint, Cloud, Identity) and Splunk Enterprise Security.
  • Proficiency in KQL and SPL, with the ability to optimise query performance and maintain clarity of logic.
  • Demonstrated experience with detection-as-code practices using GitHub or similar version control platforms.
  • Deep understanding of MITRE ATT&CK, threat actor TTPs, and translating them into detection use cases.

This role is inside IR35 and predominantly remote, although occasional onsite travel is required.
