
Detection Engineer

Job in Greater London, London, Greater London, EC1A, England, UK
Listing for: Our Future Health UK
Full Time position
Listed on 2026-01-13
Job specializations:
  • IT/Tech
    Cybersecurity, Security Manager
Job Description & How to Apply Below
Location: Greater London

We're looking for a Detection Engineer to join our expanding Information Security team, someone who thrives on innovation, loves working across disciplines, and brings new ideas to the team. This is your chance to take ownership, experiment, and grow into a role with the opportunity to make a real impact. This isn't your average SOC role. At Our Future Health, the "boring bits" of the SOC are outsourced, leaving you with the exciting, high-impact work that shapes how we detect and respond to threats. You'll collaborate closely with our in-house Threat team and our outsourced SOC partner, building unique detection capabilities that go beyond just SIEM detections.

Think KQL scripting, Microsoft Sentinel, Azure, Kubernetes, and cloud‑native log sources, all while applying MITRE frameworks and helping to configure and tune other core security controls like DLP to keep us ahead of the threat landscape. If you want to design detections that matter, and be part of something unique that is the first of its kind at this scale, then this is the role for you.

At Our Future Health, our mission is to transform the prevention, detection and treatment of conditions such as dementia, cancer, diabetes, heart disease and stroke. We're looking for people to join us on our journey. If you're looking for a new challenge where you can contribute to helping future generations live in good health for longer, then we're keen to speak with you.

What You'll Be Doing
  • Developing new threat-led detections in collaboration with our threat team based on both threat intelligence and the results of threat hunts
  • Creating novel analytic methods and techniques for incident detection
  • Working with our MSP-provided SOC to maintain our detection catalogue and tune existing rules
  • Developing and tuning Data Loss Prevention, Insider Risk Management and other types of security rules within Microsoft Purview and other key security monitoring tools
  • Alongside our Head of Cyber Defence, supervising the MSP SOC to ensure a high-quality service is provided, detections and other types of engineering work are delivered to the appropriate standard and that the maturity (inc. efficiency) of our security monitoring is continually improving
  • Supporting the development of automated custom reports on security operational performance and broader security topics (using Sentinel workbooks)
  • Collaborating with wider tech and security teams on the appropriate security monitoring for our various systems, including cloud platforms, SaaS applications and in-house developed systems
  • Documenting security processes and security tool low-level design/configuration
  • Contributing to the development of security service delivery and operation documentation
  • Supporting the security engineers, threat analysts and wider security team with their various responsibilities, including achieving and maintaining ISO 27001 certification and anything that involves KQL
What You Won't Be Doing
  • Working in a siloed environment with no freedom to make decisions.
  • Working in a place where you can't see the impact your expertise makes.
Requirements
  • Highly proficient in writing KQL and ideally some level of proficiency in Python and Terraform
  • Significant hands‑on experience with Microsoft Sentinel
  • Experience with Microsoft's Defender suite, in particular Defender for Endpoints and Defender for O365
  • Experience with Microsoft Entra (previously AAD), including the Identity Governance capabilities
  • Experience with Microsoft Purview tooling, in particular MPIP and Purview Data Loss Prevention
  • Experience with cloud-native logging (in particular Azure and Kubernetes)
  • Experience of an 'everything-as-code', or at least a 'detection-as-code', approach, including CI/CD pipelines
  • Exposure to working with/inside an MSP SOC
  • Exposure to Agile working
  • Knowledge of attacker Tactics, Techniques and Procedures (TTPs)
  • Knowledge of statistics, data science and AI/ML, in particular when applied to cyber security
  • Knowledge of ISO 27001
  • Desire to be part of a small fast-paced team
  • Relevant certifications, such as:
    Microsoft certifications (MS‑500, AZ‑500, SC‑200, SC‑300, SC‑400), CompTIA Security+, GIAC Security Operations Certified (GSOC), Cloud…