Cyber Threat Detection Engineer
Location: UK (fully remote - work from anywhere worldwide)
Salary: Up to £100,000 + benefits
About the role
We’re looking for a hands-on Cyber Threat Detection Engineer to build high-fidelity detections based on real-world attacker behaviour. You’ll work with global telemetry, honeypots, and deception systems to identify exploitation, develop detection pipelines, and convert threat intelligence into actionable insights.
Key responsibilities
- Own design and operation of detection logic for live attacker activity, including zero-day and N-day exploitation
- Build and maintain pipelines that ingest, enrich, and correlate telemetry and threat intelligence
- Reduce noise, validate detections, and tune signals at scale
- Rapidly respond to emerging threats and translate exploitation into customer insights
- Produce detection research, threat reports, and mentor peers on detection standards
About you
- 5+ years in detection engineering, threat research, SOC, IR, or offensive security
- 3+ years building production-ready detections from attacker behaviour
- Strong knowledge of threat intelligence, MITRE ATT&CK, exploit lifecycles, and tradecraft
- Hands-on experience with honeypots, deception, or large-scale telemetry
- Skilled in Python and familiar with OpenSearch / ELK stacks
- Comfortable in high-noise, fast-moving environments
Why join us
- Fully remote role with global flexibility
- Work with live attacker data, not synthetic datasets
- High-impact, startup-style engineering culture
- Salary up to £100k
Circle Recruitment is acting as an Employment Agency in relation to this vacancy.