Threat Detection Engineer

An exciting opportunity has arisen for a Threat Detection Engineer to join a well-established biotech company using large-scale genetic data and AI to predict disease risk and advance precision healthcare.

As a Threat Detection Engineer, you will be responsible for developing and enhancing threat detection capabilities within a modern cloud-first setting.

This role offers hybrid / remote working options, a salary range of £60,000 - £80,000 and benefits.

You will be responsible for:

? Designing and implementing threat-led detection logic informed by threat intelligence and hunting activities.
? Developing innovative analytical techniques to identify incidents effectively.
? Collaborating with an outsourced SOC to maintain, tune, and optimise detection catalogues.
? Creating and refining DLP, Insider Risk Management, and other security rules using cloud-native tools.
? Monitoring and ensuring high-quality service delivery from external SOC providers.
? Automating reporting on security performance and operational metrics.
? Partnering with technology teams to ensure adequate monitoring across cloud platforms, SaaS, and internal systems.
? Documenting security processes, tool configurations, and contributing to service delivery documentation.
? Supporting colleagues with ISO 27001 compliance and KQL-related tasks.


What we are looking for:

? Previously worked as an SOC Analyst, Threat Detection Engineer or in a similar role.
? Must have strong expertise in KQL.
? Hands-on experience with Microsoft Sentinel and Defender (Endpoint, Office 365).
? Familiarity with Microsoft Entra ID, including Identity Governance.
? Experience with Microsoft Purview, particularly DLP and data protection tools.
? Exposure to cloud-native logging in Azure and Kubernetes environments.
? Understanding of "detection as code" or "everything as code" approaches, including CI/CD pipelines.
? Experience working with or alongside MSP SOC teams.
? Awareness of Agi