Threat Detection Engineer

  • Location:
    Birmingham, Bristol, Glasgow, Leeds, London, Manchester, Marlow, South Coast
  • Department:
    Services - DevOps
  • Vacancy Type:

Meet the recruiter

Faisel Khan


Would you like to work in a supportive, collaborative and innovative company? 


Do you enjoy working as part of an enthusiastic, passionate, and collaborative team? 


Join our DevOps team

The Site Reliability Engineering team deliver complete technical solutions using leading-edge technology. We are a skilled team of system developers, software engineers, architects, and support engineers who work as a single unit to understand the problems faced by other departments and design sustainable solutions that fit their needs.


Success. The Softcat Way. 

Softcat is a £1billion+ pa turnover technology solutions business and trusted partner to names like Apple, Microsoft and Adobe. Offering a growing portfolio of services including software licensing, cyber security and IT infrastructure, we give our technical teams the tools and support to make exciting things happen. This is where to achieve more for your career.

Our Threat Detection Engineer must have a strong background in cyber security and technical adaptability. They are responsible for translating the ever-evolving cyber threat landscape into legitimate threats, and for developing the associated runbooks and automation so that the CyberOps Team can triage them effectively. The Threat Detection Engineer should be comfortable across a range of SIEM alerting platforms and have a development background with strong experience in Python frameworks.


Have you got skills in Python and have experience chasing threats?

As a Threat Detection Engineer, you'll be responsible for: 

  • Requirements analysis and SIEM Use Case design, validation, and testing in QA
  • Development of SOC triage runbooks for developing threats
  • Develop Microsoft Sentinel content including Detection rules, Functions, Playbooks, Logic Apps and query-time parsers
  • Work closely with key Softcat Cyber Stakeholders to support the development of strategic roadmaps
  • Contribute to Cyber systems and infrastructure integration initiatives within the business, working alongside Solution Architects, Management, and Engineering.
  • Integrate internal systems with 3rd party products and build tooling around them.
  • Provide 3rd line support for use case automation issues


What we need from you 

  • Experience working in complex MSP environments with stringent security, risk & compliance, and privacy requirements.
  • In-depth knowledge of the MITRE ATT&CK framework
  • Aptitude to pick up new technologies and provide training to other members of the wider engineering team
  • Expertise in Python and Test-driven development
  • Experience automating and orchestrating using APIs
  • Working experience with common CI/CD frameworks/tooling (Jenkins/CircleCI/Git Pipelines)
  • Experience with SIEM Platforms, including working with logs and creating correlation searches and dashboards


Work in a way that works for you  

We recognise that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns:  

  • Hybrid working – 2-3 days in the office and 2-3 days working from home  
  • Working flexible hours - flexing the times you start and finish during the day  
  • Flexibility around school pick up and drop offs 


Working with us  

Wherever you work, we want you to experience the freedom and autonomy to realise your potential. You will feel supported by a team that celebrates individuality, encourages different perspectives, and embraces every background.  

Join us  

To become part of the success story, please apply now 

As part of our commitment to supporting, attracting and retaining the best diverse talent, Softcat is proud to partner with organisations like WORK180, My G Work and Black Young Professionals. WORK180 endorse employers that demonstrate ongoing support for women at work, including offering benefits and policies that best support female employees. My G Work support us in our aim of attracting more LGBTQ+ talent. The BYP network support us in diversifying our talent pool by tapping into the black professional community.


Fieldhouse Lane, Marlow, Buckinghamshire, United Kingdom, SL7 1LW


We offer a competitive salary and benefits package and will provide you with opportunities to grow, flourish, and achieve great things. Our benefits include:

If you have any specific questions about working for Softcat, please check the FAQ section. If you can’t find the answer you are looking for, please email us at, and we’ll get back to you when we can.