Job Description
We are building a new Information Security program, and you will be the first Detection and Response Engineer. This is a hands-on role where you will design and implement detection capabilities from the ground up, focusing on proactive threat identification, automated response, and intelligence driven security operations.
Key Responsibilities:
- Conduct a focused threat modelling exercise to identify key risks and gaps, including additional log sources required for the SIEM rollout and AI system monitoring.
- Develop and maintain detections using a Detection-as-Code approach, iterating based on threat modelling outcomes and emerging threat intelligence.
- Design, implement, and optimise automated triage and investigation playbooks to accelerate response times.
- Integrate threat intelligence feeds into the SIEM and a dedicated AI agent for enriched detection and context.
- Conduct priority threat hunting exercises targeting the highest risk areas of the environment.
- Collaborate with SOC, IT, and engineering teams to ensure logs, alerts, and detection rules are actionable and effective.
- Document and communicate findings, detections, and lessons learned to inform broader security strategy.
Required Skills & Experience:
- Hands-on experience in detection engineering & threat hunting
- Strong familiarity with SIEM platforms, log ingestion, and analytics.
- Experience with Detection-as-Code methodologies
- Understanding of threat modelling and risk-based detection prioritisation.