Senior Detection Engineer

Senior Detection Engineer - Inside IR35
Contract Term: 12 Months
Contracting Authority: Cabinet Office
Location: Remote/Hybrid – London, Bristol, Manchester or Glasgow

The Cabinet Office supports the Prime Minister and ensures the effective running of government. It is also the corporate headquarters for government, in partnership with HM Treasury, and takes the lead in certain critical policy areas.
We are the Cabinet Office’s cyber security team, and our mission is to secure the department against cyber threats. We protect our nationwide internal IT infrastructure, and high-profile citizen-facing digital services such as GOV.UK.
The Cyber Defence team delivers cyber threat intelligence, threat detection, incident response and vulnerability management capabilities for the Cabinet Office and is responsible for defending both internal IT infrastructure and citizen-facing services. As a senior detection engineer, you’ll take a leading role in building and delivering these core capabilities, focusing on threat detection.

As a Senior Detection Engineer your main responsibilities would be:
•    Lead the development and maintenance of robust detection content in the SIEM, working with service teams across the department to understand and implement requirements.
•    Identify and deliver opportunities for continual improvement of the threat detection capability.
•    Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities.
•    Develop and update internal documentation, including knowledge base articles, standards, and policies.
•    Act as an escalation point for, and provide coaching and mentoring to, security analysts and detection engineers.
•    Be responsible for leadership and line management of security analysts and detection engineers.

You’ll have relevant experience in:

•    Active SC Clearance.
•    Experience working with SIEM tools.
•    Mitre attack frame work knowledge/experience.
•    Experience building, maintaining and tuning detection content using languages such as SPL.
•    Broader experience using common enterprise security tools such as EDR.
•    An in-depth understanding of the tools, techniques and procedures used by threat actors.
•    Experience coaching and mentoring junior staff.
•    Excellent analytical and problem solving skills.
It’s desirable, but not essential, that you have:
•    Experience with Splunk.
•    Experience working in an Agile environment.
•    Experience with cloud environments such as AWS.

If this role sounds like something that you would be interested in, please click the link to apply or get in touch with karl.robinson@publicsectorresourcing.co.uk 

Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know.

In applying for this role, you acknowledge the following, this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different.

Please be aware that this role can only be worked within the UK and not Overseas.