Cyber Security Analyst

Security Endpoint Detection Engineer

Job Description:

Our client, a large-scale financial services organisation, is seeking a highly skilled Senior Security Detection Engineer to support the continuous development and operational excellence of SIEM capabilities within a global cyber security operations context.

Job Responsibilities

• Develop and enhance detection capabilities through research and analysis of adversary behaviours and attack techniques across cloud platforms including AWS, Azure, and GCP.
• Serve as a subject matter expert for SIEM platform management, onboarding new log sources, and optimising detection infrastructure.
• Ensure the consistent performance and compliance of log integrations and SIEM agents with internal security standards and external regulatory expectations.
• Collaborate with cross-functional teams to ensure the secure and successful integration of network, application, and third-party logs.
• Contribute to detection rule creation, correlation tuning, and incident response readiness.
• Conduct periodic audits, system health checks, and proactive maintenance of the SIEM environment.
• Provide Tier 3-level technical support during major incidents, acting as the escalation point for detection-related issues.
• Mentor junior team members and contribute to internal documentation and knowledge sharing.
• Lead the capacity planning and roadmap development for the SIEM function.
• Ensure all activities align with compliance standards and frameworks such as ISO 27001, NIST, GDPR, and the MITRE ATT&CK framework.

Experience Required

• Minimum 3-5 years’ experience in a cyber security
• Demonstrated experience in SIEM technologies such as Microsoft Sentinel, Trellix, Splunk, or QRadar.
• Proven expertise in building detection rules and signals for cloud environments.
• Strong knowledge of Windows infrastructure, including patching, failover clustering, and server hardening.
• Hands-on involvement in threat hunting, cyber incident detection, and response within enterprise environments.

Desirable Skills

• Proficiency with scripting languages such as Python, PowerShell, or JavaScript.
• Exposure to Security Operations processes in environments leveraging Kubernetes, SaaS platforms, and hybrid cloud ecosystems.
• Familiarity with industry-recognised security frameworks and standards (e.g., COBIT, ISO 27002, OWASP).
• Knowledge of threat modelling and cyber kill chain methodologies (e.g., MITRE ATT&CK, STRIDE).
• Relevant security certifications such as CISSP, Security+, SANs GIAC, or vendor-specific SIEM certifications.

Educational Requirements

• A third-level qualification in Information Security, Computer Science, or a related discipline is preferred.
• Equivalent practical experience in enterprise security roles may also be considered.

HOW TO APPLY:

If you are interested in this role, please apply for this role with your updated CV