Senior Detection & Response Engineer

Senior Detection & Response Engineer

Cambridgeshire Based - 1-2 days a week on site

We are looking for a highly experienced Senior Detection & Response Engineer to join our client's growing security team. In this critical role, you'll be instrumental in developing a best-in-class incident response function, leading investigations into complex security events, and building scalable detection and response capabilities across the organisation.
This is an exciting opportunity to work at the heart of a modern security operation - building the tools, automation, and processes that enable the business to detect, respond to, and learn from security threats effectively.

What You'll Be Doing:

• Investigate and respond to security events with clarity and precision; triage, analyse, and manage incidents from end to end
• Develop and improve detection and response processes, technologies, and work flows
• Design and implement tools to collect and analyse security telemetry from cloud environments
• Automate security workflows to enhance detection accuracy and reduce response time
• Build and fine-tune detection rules to focus efforts on high-fidelity alerts
• Create and maintain runbooks and incident response playbooks
• Lead proactive threat hunting and incorporate findings into defensive measures
• Develop custom scripts and detection logic for advanced monitoring
• Collaborate cross-functionally with engineering and product teams to strengthen the security posture
• Continuously enhance detection capabilities, playbooks, and incident response processes

What We're Looking For:

• Proven experience in security engineering, incident response, and threat hunting within cloud-first environments
• Deep understanding of offensive security and real-world attack scenarios
• Demonstrated experience leading complex investigations involving multiple stakeholders
• Expertise in AWS security controls and cloud-native security services
• Proficient in coding/scripting for automation, alert enrichment, and custom detections
• Familiarity with adversary TTPs and the MITRE ATT&CK framework
• Experience with endpoint forensics, malware analysis, and security event correlation
• Hands-on experience with SIEM and SOAR platforms
• Solid understanding of operating system internals (macOS, Windows, Linux)
• Experience with security in a SaaS environment and working closely with engineering teams
• Background in using DevOps toolsets and programming languages for building security tools
• Ability to lead projects independently and deliver results with minimal supervision

If you are interested and looking for a new role, please apply with a copy of your CV or email (url removed)