Protective Security Officer supporting information security and physical security processes at Telia. Collaborating with clients and team members for effective security management.
BD
Hybrid Security Detection & Response Engineer - Flutter Functions
Posted 5 days ago
About the role
- Security Detection & Response Engineer for Flutter Entertainment developing security detection frameworks. Collaborating with global teams to enhance cybersecurity operations in complex, multi-cloud environments.
Responsibilities
- Design, develop, and maintain threat detection rules, alerts, and dashboards mapped to the MITRE ATT&CK framework using SIEM and other security tools.
- Continuously tune and optimize existing detections to reduce false positives while maintaining high detection efficacy.
- Conduct regular reviews of detection coverage and identify gaps based on threat intelligence, incident trends, and organizational risk profile.
- Test and validate detection effectiveness through atomic testing, purple team exercises, and collaboration with red teams.
- Perform triage and in-depth analysis of security alerts using Splunk, AWS-native tools, and various SaaS security platforms
- Conduct root cause analysis and post-incident reviews to drive continuous improvement.
- Research, design, and implement automation solutions to streamline detection creation, alert enrichment, and incident response workflows.
- Explore and pilot the use of Large Language Models (LLMs) and generative AI to enhance security operations, including automated alert analysis, playbook generation, and response recommendations.
- Develop and maintain automated response playbooks and orchestration workflows using SOAR platforms and scripting.
- Integrate threat intelligence feeds into detection and response workflows to enhance context and prioritization.
- Track threat actor TTPs and translate them into actionable detections.
- Document detection logic, alert triage procedures, incident response playbooks, and automation workflows.
- Contribute to the security knowledge base and runbook library.
Requirements
- Proven experience with SIEM platforms (preferably Splunk) for query development, detection creation, alert tuning, and dashboarding.
- Demonstrated experience in security alert analysis, incident response, and threat hunting within large, complex organizations.
- Hands-on experience with detection validation techniques, including atomic testing frameworks (e.g., Atomic Red Team) and purple team collaboration.
- Strong understanding of the MITRE ATT&CK framework and ability to map threat actor TTPs to defensive controls.
Benefits
- Hybrid & remote working options
- €1,000 per year for self-development
- Company share scheme
- 25 days of annual leave per year
- 20 days per year to work abroad
- 5 personal days/year
- Flexible benefits: travel, sports, hobbies
- Extended health, dental and travel insurances
- Customized well-being programmes
- Career growth sessions
- Thousands of online courses through Udemy
- A variety of engaging office events
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Application Security Lead at Mastercard enhancing application security and collaborating with development teams. Leading initiatives, guiding secure coding practices, and fortifying cybersecurity posture.
Senior Cloud Security Architect for Texas state government project. Designing secure cloud architectures and integrating security in DevSecOps pipelines.
Information System Security Officer detecting and documenting security configurations for government solutions. Collaborating with teams to provide secure and effective solutions against advanced cyber threats.
IT Infrastructure and Security Administrator overseeing management and maintenance of IT systems at Avive Solutions. Focused on user devices, networks, and authentication systems.
Linux Network Security Engineer at Booz Allen Hamilton architecting and deploying Endace packet capture systems across a distributed enterprise. Integrating with analytics ecosystems and ensuring optimal performance.
Product Manager responsible for managing Microsoft Security Services portfolio at Softchoice. Engaging with customers, Microsoft and stakeholders to drive market success and growth.
Systems Administrator managing IT support and compliance activities in a tech - oriented company. Leading infrastructure design and security measures while collaborating with managed service providers.
Cyber Security Expert supporting project teams with structured risk assessments and compliance documentation at Nordex wind farms. Collaborating closely with Information Security to ensure secure operations.
OT Cybersecurity Engineer enhancing cybersecurity in industrial environments. Ensuring compliance with cybersecurity standards and collaborating across engineering, IT, and product teams.