Cyber Security Detection Engineer

City of London | Full-Time | 36000 - 60000 £ / year (est.) | No home office possible

Job Description

We are looking for a skilled Detection Engineer to join our Cyber Security team. In this role, you will be responsible for developing and maintaining high-fidelity threat detections across our security platforms. You’ll work at the intersection of threat intelligence, telemetry and security operations to build scalable, reliable and effective detection capabilities.

Key Responsibilities

  • Design, develop and deploy detection logic across SIEM, EDR and cloud security platforms.
  • Build detections aligned with frameworks such as MITRE ATT&CK and continuously tune for accuracy and performance.
  • Conduct threat modelling and participate in purple team exercises to assess and improve detection effectiveness.
  • Use Detection-as-Code principles to manage detection rules via version control, CI/CD pipelines and automated testing frameworks.
  • Reduce false positives through tuning, enrichment and contextual awareness.

Skills

  • 3+ years of experience in security operations, detection engineering, threat hunting, or a related Cyber Security field.
  • Proficiency in query languages such as SPL (Splunk), KQL (Microsoft), Sigma, or similar.
  • Experience with SIEM platforms (e.g. Splunk, Sentinel, Elastic), EDR tools (e.g. CrowdStrike, SentinelOne), and/or cloud-native security services (e.g. AWS GuardDuty, GCP Chronicle).
  • Ability to create and iterate on detection content (e.g. SIEM rules, correlation searches and detection-as-code signatures) to proactively identify malicious behaviour, improve threat visibility and reduce false positives.
  • Familiarity with MITRE ATT&CK framework and threat detection lifecycle.

Contact Details:

RiverSafe Recruiting Team
