Cyber Threat Detection Engineer
Location: UK (fully remote - work from anywhere worldwide)
Salary: Up to £100,000 + benefits
About the role
We're looking for a hands-on Cyber Threat Detection Engineer to build high-fidelity detections based on real-world attacker behaviour. You'll work with global telemetry, honeypots, and deception systems to identify exploitation, develop detection pipelines, and convert threat intelligence into actionable insights.
Key responsibilities
Own design and operation of detection logic for live attacker activity, including zero-day and N-day exploitation
Build and maintain pipelines that ingest, enrich, and correlate telemetry and threat intelligence
Reduce noise, validate detections, and tune signals at scale
Rapidly respond to emerging threats and translate exploitation into customer insights
Produce detection research, threat reports, and mentor peers on detection standards
About you
5+ years in detection engineering, threat research, SOC, IR, or offensive security
3+ years building production-ready detections from attacker behaviour
Strong knowledge of threat intelligence, MITRE ATT&CK, exploit lifecycles, and tradecraft
Hands-on experience with honeypots, deception, or large-scale telemetry
Skilled in Python and familiar with OpenSearch / ELK stacks
Comfortable in high-noise, fast-moving environments
Why join us
Fully remote role with global flexibility
Work with live attacker data, not synthetic datasets
High-impact, startup-style engineering culture
Salary up to £100k
Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if you refer somebody else who fills the role! We also offer an iPad if you refer a new client to us and we recruit for them. Follow us on Facebook - Circle Recruitment , Twitter - @Circle_Rec and LinkedIn - Circle Recruitment.
