Join a highly secure Security Operations Centre supporting Critical National Infrastructure (CNI) environment as a senior Detection Engineering Lead. Define detection strategy, lead a specialist engineering team, and deliver high-quality security detection outcomes aligned to KPIs. Work closely with senior operational, threat intelligence, and service delivery stakeholders.
An exciting opportunity has arisen for an experienced Detection Engineering Lead to join a highly secure Security Operations Centre supporting a Critical National Infrastructure (CNI) environment. This is a senior, hands-on leadership role combining deep technical expertise with strategic ownership of detection engineering capabilities.
The role sits at the heart of a mature SOC, responsible for defining detection strategy, leading a specialist engineering team, and delivering high-quality security detection outcomes aligned to KPIs. Working closely with senior operational, threat intelligence, and service delivery stakeholders, the successful candidate will play a key role in shaping and evolving detection capabilities in a mission-critical environment.
What’s on Offer
- Salary up to £65,000
- Security clearance required (with sponsorship for further clearances)
- Comprehensive benefits package
- Bonus scheme
- Strong focus on career progression and long-term development
- Ongoing training and skill-up opportunities
- Opportunity to work in a high-impact, nationally significant environment
- Hybrid working model (role and security permitting)
What You Need to Be Successful
- Advanced hands-on experience with Splunk and Microsoft Sentinel SIEM platforms
- Strong understanding of AWS and Azure cloud environments
- Advanced ability to write high-fidelity detections using SPL and KQL
- Strong Python development skills for automation and Detection-as-Code pipelines
- Experience in network monitoring, threat intelligence, and use of the MITRE ATT&CK framework
- Deep understanding of security detection methodologies and best practices
- Proven experience defining detection strategy, managing workloads, and driving service improvements
- Excellent communication and stakeholder management skills, including presenting to senior audiences
Desirable Skills & Experience
- Experience implementing Detection as Code methodologies
- Prior people management or team leadership experience
While not essential, candidates with the following are highly regarded and supported in continued professional development:
- SANS courses (e.g. SEC599, SEC530, SEC699, FOR608, SEC541)
- GIAC certifications (e.g. GDAT, GCIH, GCDA, GMON, GSOC, GDSA, GCED)
- CISSP, ISSEP, CCSP
- Vendor certifications from Splunk, AWS, or Microsoft