1 of 1 Permanent Kusto Query Language Jobs in Manchester

Senior Detection Engineer - Remote

Hiring Organisation: RiverSafe
Location: Leigh, Greater Manchester, United Kingdom
analyst, SIEM administrator, SecOps generalist, cloud security, IAM, or vulnerability management role.

Responsibilities:
Design and implement behaviour-based detections in Microsoft Sentinel (KQL) and Splunk (SPL)
Own detection logic end-to-end: creation, testing, tuning, false-positive reduction, lifecycle management
Map detections to MITRE ATT&CK and track coverage gaps
… perform SOC triage
Treat detections as a product, not one-off alerts

Skills:
Hands-on experience authoring detections, not just using SIEMs
Strong KQL experience writing Sentinel analytics rules
Strong SPL experience writing Splunk correlation searches
Experience maintaining detections in production environments
Clear examples of reducing false positives through logic ...