Security Detection & Response Engineer

United States, New York
Permanent
Job ID: 2394

Job Description


[Up to c. $280k Comp Package | Hybrid Working]


Role Overview

We’re representing a globally respected quantitative investment firm operating at significant scale across compute, data, and software systems. The organisation is expanding its Information Security group and is looking for a Security Detection & Response Engineer to help strengthen its ability to identify, investigate, and respond to security events across a complex technology estate. This role sits within a hands-on security engineering team focused on real-world detection and response, not theoretical controls or compliance-only work. You’ll contribute directly to how incidents are identified, analysed, and resolved - while also helping improve the underlying processes, tooling, and visibility that enable effective response. It’s well suited to someone early-to-mid career in security who wants exposure to high-quality incident work in an engineering-led environment...


Key Responsibilities

  • Analyse and prioritise security events, assessing technical impact and potential risk across systems and data
  • Support active security investigations, contributing to root-cause analysis, containment actions, and remediation efforts
  • Assist with proactive threat-hunting initiatives and improvements to monitoring and detection logic
  • Act as a technical point of contact for partner teams during security-related investigations or escalations
  • Help design, refine, and document incident response workflows, playbooks, and operational procedures
  • Contribute to the enhancement of detection tooling, configurations, and internal security utilities
  • Participate in assessments of third-party services, focusing on security posture and incident risk
  • Work collaboratively with engineers, infrastructure teams, and developers to improve response readiness and signal quality


What You’ll Bring…

  • 3-6 years’ experience in security engineering, detection & response, incident response, or a closely related technical role
  • A practical understanding of how security incidents unfold in real systems, including common attacker behaviours, failure modes, and investigative approaches
  • Proficiency in at least one general-purpose programming language, with Python particularly valuable for automation and analysis
  • Experience building small, dependable security tools or scripts to automate investigations, enrich data, or improve response workflows
  • A detection-focused mindset: comfortable translating incidents into longer-term improvements through rule tuning, signal refinement, and coverage gap analysis
  • An analytical, curiosity-driven approach to working with logs, telemetry, and datasets to identify anomalies or suspicious activity
  • Solid grounding in computer science concepts, paired with an engineering-led approach to problem solving rather than checklist-driven security
  • An interest in improving how security work is done - reducing manual effort, increasing reliability, and strengthening operational effectiveness through automation
  • A degree in computer science or a related technical discipline is preferred, though equivalent professional experience will be considered
  • (Preferred) Strong fundamentals across Linux and endpoint environments, including confidence inspecting processes, networking behaviour, authentication events, logs, and file integrity during investigations


...

