Job Description

We are building a new Information Security program, and you will be the first Detection and Response Engineer. This is a hands-on role where you will design and implement detection capabilities from the ground up, focusing on proactive threat identification, automated response, and intelligence driven security operations.

Key Responsibilities:

• Conduct a focused threat modelling exercise to identify key risks and gaps, including additional log sources required for the SIEM rollout and AI system monitoring.
• Develop and maintain detections using a Detection-as-Code approach, iterating based on threat modelling outcomes and emerging threat intelligence.
• Design, implement, and optimise automated triage and investigation playbooks to accelerate response times.
• Integrate threat intelligence feeds into the SIEM and a dedicated AI agent for enriched detection and context.
• Conduct priority threat hunting exercises targeting the highest risk areas of the environment.
• Collaborate with SOC, IT, and engineering teams to ensure logs, alerts, and detection rules are actionable and effective.
• Document and communicate findings, detections, and lessons learned to inform broader security strategy.

Required Skills & Experience:

• Hands-on experience in detection engineering & threat hunting
• Strong familiarity with SIEM platforms, log ingestion, and analytics.
• Experience with Detection-as-Code methodologies
• Understanding of threat modelling and risk-based detection prioritisation.