Description
Do you have a passion for hunting malicious activities in the background of business as usual and figuring out how to detect and respond to new threats?
Millennium SOC is looking for an experienced Threat Detection Engineer to drive our best-in-class posture.
This is a highly technical role, and successful candidates will have demonstrable knowledge and experience across a range of business and security technologies within a fast-paced organisation.
Principal Responsibilities
- Identify modern evolving threats and develop new detection and response approaches
- Create and operate high-fidelity detection mechanisms that drive efficient, effective and repeatable response
- Own, operate and automate detection and response workflows that enable the team to focus on strategic objectives
- Lead Information Security response activities for the firm
- Work across business and technology teams to deliver positive outcomes across the firm
- Explain complex technology and information-security concepts to a wide range of stakeholders
- Enforce security policies and procedures by administering and monitoring appropriate systems and events, and by answering stakeholder queries
- Monitor new and emerging security and privacy technologies, trends, issues and solutions, and assess their applicability to Millennium's key business initiatives and business strategies
- Ensure Millennium Information Security capabilities remain fit for purpose and evolve to meet the changing threat landscape
Qualifications/Skills Required
- Bachelor's or master's degree in computer science or cyber security with a strong IT background, or equivalent demonstrable experience
- 3 years' experience working in a security engineering role; financial industry experience preferred
- Experience in creating detections in modern query languages (KQL, SQL, SPL)
- Possesses security certifications (Security+, OSCP, CISSP, CEH, GCIA, GCIH)
- Experience with modern security tooling across security domains; network, endpoint, data, identity and cloud
- Experience with the standard enterprise technology stack: Active Directory, Entra, Group Policy, Intune, DNS, TCP/IP, PKI, Microsoft 365, Windows, Linux, macOS, etc.
- Ability to handle sensitive and/or confidential materials with appropriate discretion
- Scripting, development and automation skills using PowerShell or Python, and proficiency with development tools
- Experience in OSINT, threat hunting and analysing malicious emails
- Able to prioritise in a fast-moving, high-pressure, constantly changing environment
This listing is enriched and indexed by YubHub. To apply, use the employer's original posting:
https://mlp.eightfold.ai/careers/job/755954323758