Security Engineer - Detection & Response | Leading Global Investment Group

[Up to c. £350k Comp Package | Hybrid Working - 4 Days in Office]

Role Overview

We’re representing a high-calibre quantitative investment firm building a new security function alongside a completely refreshed technology environment. This is a rare opportunity to shape Detection & Response properly from day one, rather than inherit a noisy SIEM, half-owned tooling and legacy processes. The role suits a deeply technical security engineer who understands systems at a low level, has strong opinions on telemetry and detection architecture, and can turn those opinions into production-grade capability. You’ll work closely with senior security leadership to design the data, tooling, automation and response foundations that protect a fast-moving investment platform...

Key Responsibilities

• Define and build the firm’s Detection & Response capability across endpoint, network, cloud and internal infrastructure
• Design logging, telemetry and security data pipelines, including collection, enrichment, deduplication, storage and search
• Build and tune detections across canaries, honeypots, alerting, behavioural signals and response workflows
• Own detection infrastructure using IaC, CI/CD and software-engineering best practices
• Partner with infrastructure, engineering and operations teams to embed security into deployment and operating models
• Support broader security architecture across authentication, authorisation, certificate services and cloud controls
• Investigate security events, improve response playbooks and reduce noise through better signal design
• Make independent technical decisions that support a greenfield, fast-scaling security environment

What You’ll Bring…

• 3-5 years’ hands-on experience across detection engineering, incident response or security engineering
• Strong understanding of operating systems, networking, computer architecture and security fundamentals
• Proven ability to design security data collection strategies and build scalable telemetry pipelines
• Experience writing, tuning and maintaining detections across modern infrastructure and cloud environments
• Strong scripting or software-engineering ability, ideally with Python, Go, PowerShell or similar
• Experience managing security tooling, detections or infrastructure through IaC and CI/CD workflows
• Comfortable operating in fast-paced, high-ownership environments where priorities move quickly
• Strong communication skills, with the ability to explain security trade-offs to engineering and leadership teams
• (Preferred) Offensive security, red-team, exploit development or threat-research experience
• (Preferred) Exposure to statistics, signal processing, data science, electrical engineering or another rigorous technical discipline

...