About

Cyber Threat Detection Engineer Location: UK (fully remote - work from anywhere worldwide)Salary: Up to £100,000 + benefits About the role We're looking for a hands-on Cyber Threat Detection Engineer to build high-fidelity detections based on real-world attacker behaviour. You'll work with global telemetry, honeypots, and deception systems to identify exploitation, develop detection pipelines, and convert threat intelligence into actionable insights. Key responsibilities Own design and operation of detection logic for live attacker activity, including zero-day and N-day exploitation Build and maintain pipelines that ingest, enrich, and correlate telemetry and threat intelligence Reduce noise, validate detections, and tune signals at scale Rapidly respond to emerging threats and translate exploitation into customer insights Produce detection research, threat reports, and mentor peers on detection standards About you 5+ years in detection engineering, threat research, SOC, IR, or offensive security 3+ years building production-ready detections from attacker behaviour Strong knowledge of threat intelligence, MITRE ATT&CK, exploit lifecycles, and tradecraft Hands-on experience with honeypots, deception, or large-scale telemetry Skilled in Python and familiar with OpenSearch / ELK stacks Comfortable in high-noise, fast-moving environments Why join us Fully remote role with global flexibility Work with live attacker data, not synthetic datasets High-impact, startup-style