JobMesh

Security Engineer - Detection Engineering & Automation

ION Group · London, England, GB

Job description

The Role: We are seeking a Security Engineer specialising in Detection Engineering and Security Automation to design, build, and operate scalable detection and response capabilities across cloud and enterprise environments. This role focuses on engineering high-fidelity detections and automating response workflows across platforms such as Rapid7, SentinelOne, and CrowdStrike, using Azure Logic Apps and API-driven integrations to reduce manual effort and improve response speed. This is a hands-on engineering role for someone who thinks in attacker behaviours, builds resilient automation, and prefers engineering solutions over manual SOC processes.

Key Responsibilities:

- Detection Engineering
  - Design, implement, and continuously improve threat detections across endpoint, identity, vulnerability, and cloud telemetry.
  - Engineer detections using data from Rapid7, SentinelOne, and CrowdStrike, including behavioural, anomaly-based, and contextual detections.
  - Translate MITRE ATT&CK techniques and real-world threat intelligence into actionable detection logic.
  - Develop and tune detection logic to reduce false positives while preserving signal quality.
  - Validate detections through tes...