Detection Engineering & Response Lead

Jobgether·Lever
United KingdomFull-timePosted Jul 6, 2026
Apply

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Detection Engineering & Response Lead based in United Kingdom.

As a Detection Engineering & Response Lead, you will be responsible for building and scaling a core security function that protects complex cloud and infrastructure environments at scale. You will define and drive the detection engineering and incident response strategy, ensuring strong visibility across systems while minimizing noise and maximizing actionable security signals. Operating in a fast-paced, engineering-driven environment, you will lead both hands-on technical work and team leadership, guiding incident response efforts and shaping detection capabilities from the ground up. This role combines deep technical security expertise with strategic ownership, offering the opportunity to directly influence how threats are identified, analyzed, and mitigated in large-scale AI and cloud infrastructure systems.

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Detection Engineering & Response Lead based in United Kingdom.

As a Detection Engineering & Response Lead, you will be responsible for building and scaling a core security function that protects complex cloud and infrastructure environments at scale. You will define and drive the detection engineering and incident response strategy, ensuring strong visibility across systems while minimizing noise and maximizing actionable security signals. Operating in a fast-paced, engineering-driven environment, you will lead both hands-on technical work and team leadership, guiding incident response efforts and shaping detection capabilities from the ground up. This role combines deep technical security expertise with strategic ownership, offering the opportunity to directly influence how threats are identified, analyzed, and mitigated in large-scale AI and cloud infrastructure systems.

Accountabilities

    • Lead the design, development, and continuous improvement of detection engineering strategies across cloud and bare-metal environments.
    • Build and maintain high-quality detection rules and logic across SIEM platforms, ensuring strong MITRE ATT&CK coverage and low false-positive rates.
    • Develop and scale incident response processes, including scoping, containment, forensic analysis, root cause identification, and post-incident reporting.
    • Architect and optimize Security Operations workflows, including automation and SOAR pipelines for efficient threat response.
    • Integrate threat intelligence into detection systems and response playbooks, mapping adversary behaviors and emerging TTPs.
    • Lead and coordinate security incident response activities across engineering, compliance, legal, and leadership stakeholders.
    • Define, track, and report key security metrics such as MTTD, MTTR, detection coverage, and operational effectiveness.
    • Build and maintain scalable tooling, runbooks, and operational processes to support a growing security organization.
    • Mentor and guide a small team of security engineers and analysts while contributing hands-on to complex security challenges.
    • Collaborate closely with engineering teams to ensure security is embedded into infrastructure and platform design.
    • Requirements

      • 6+ years of experience in security operations, detection engineering, or incident response, including leadership or mentoring responsibilities.
      • Strong hands-on experience in cloud-native environments such as Kubernetes, Linux-based systems, and containerized infrastructure.
      • Deep expertise in detection engineering, including writing and tuning rules in SIEM platforms (e.g., Splunk, Elastic, Chronicle) and working with SQL.
      • Experience designing and operating SOAR systems and automating security response workflows at scale.
      • Solid understanding of threat intelligence frameworks such as MITRE ATT&CK, Kill Chain, and Pyramid of Pain, and their practical application in detection.
      • Strong incident response expertise, including forensic analysis, log investigation, network traffic analysis, and post-incident reviews.
      • Experience coordinating cross-functional stakeholders during high-severity security incidents.
      • Ability to define and enforce security processes while balancing operational and regulatory requirements.
      • Familiarity with security tooling such as eBPF-based detection systems or runtime security solutions is a plus.
      • Background in threat hunting or experience securing large-scale distributed systems is an advantage.
      • Strong leadership, communication, and stakeholder management skills in complex technical environments.
      • Benefits

        • Competitive compensation package with equity participation in a high-growth, publicly listed company.
        • Fully remote-first working model with flexibility across Europe.
        • Opportunity to build and scale a security function from the ground up in a fast-growing AI infrastructure environment.
        • Strong career development and learning opportunities in advanced cloud and AI security domains.
        • High level of ownership and autonomy in shaping detection engineering and incident response strategy.
        • Collaborative and highly technical engineering culture focused on innovation and impact.
        • Opportunity to work on large-scale infrastructure powering cutting-edge AI workloads.
        • International environment with world-class engineering teams and complex technical challenges.
How Jobgether works: We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!  Why Apply Through Jobgether?    Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.     #LI-CL1

Want jobs like this matched to you?

Swoopd scores fresh postings against your résumé so you only see the matches that matter.

Get started free