The purpose of this role is to lead a global team that builds, maintains and continuously improves detection logic across a variety of MXDR technologies, according to a clear strategy that is regularly updated to meet market and client demands. The global team will be made up of regionally located colleagues (UK, NL, AU & PH), that all contribute to a global set of detection logic, custom detections for clients and structural improvement projects around these themes.
The head of global detection engineering will be responsible for ensuring a market leading detection coverage on the technologies we deploy as part of our MXDR services. They ensure that we detect high risk cyber attack techniques, that result in high fidelity detections at our clients, with low false positive ratios.
A key part of the role is engaging and collaborating with other leaders in the GMS and NCC business, to ensure that we achieve the following key ambitions:
- Develop new detection logic to contribute to Detection Engineering content repository.
- Continuously improve existing detection logic.
- Write and maintain detection tests cases.
- Review findings of TI, CERT, and Red Team activities and evaluate from a detection engineering improvement perspective.
Lead a global implementation team that builds, maintains and continuously improves detection logic across a variety of MXDR technologies
Be part of the GMS DevSecOps leadership team and actively contribute to setting vision, direction and feature set of our technology platforms
- Ensure that our detection logic is a differentiator in the market, providing extensive and high quality coverage for advanced cyber attacks
- Manage senior detection engineers who each manage a number of detection engineers on a specific technology set (EDR, NDR, SIEM)
- Work pro-actively with wider NCC teams to ensure all relevant inputs are available (TI, DFIR, RTO etc) to build top-notch detection logic and to ensure other teams (like solution architecture and implementations) have the required information to deploy high quality MXDR systems with the best possible coverage
- Ensure that we can always provide transparency to clients about the detection coverage they receive
- Ensure that we develop new ways of applying data science to our vast data sets in order to further improve detection of cyber attacks, correlation of alerts and other efficiencies and improvements that provide improved coverage to clients and improved efficiency to our SOC.
-
Experience in detection engineering on a range of technologies (SIEM and EDR, ideally NDR as well)
- Experience in working in a global firm in a multi-cultural context
- Experience in working in a complex international environment, that’s subjected to a significant amount of change
- Excellent oral and written communication skills
- Ability to work with clients and NCC colleagues to continuously improve the service we deliver
- Experience with and knowledge of application of data science within a cyber security context
- Inspiring leader, with ability to communicate effectively at all levels, creating an approachable and supportive environment for colleagues
Desirable skills:
- Have hands-on experience with a variety of technologies we use: Sentinel, Defender for End-point, Carbon Black, Splunk, etc
- Experience with purple teaming and other adjacent cyber security practices/topics that strengthen detection engineering
- Forensics and/or incident response experience
What do we offer in return?
We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits:
- Flexible Working: Balance your work and personal life with our flexible working options.
- Enhanced Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave.
- Medicash & Critical Illness Scheme
- Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme.
- Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities.
- Green Car Scheme: Drive green and save money with our eco-friendly car scheme.
- Cycle Scheme: Stay fit and healthy with our cycle-to-work scheme.
- Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet.
- Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
We assess, develop and manage cyber threats across our increasingly connected society. We advise global technology, manufacturers, financial institutions, critical national infrastructure providers, retailers and governments on the best way to keep businesses, software and personal data safe.
With our knowledge, experience and global footprint, we are best placed to help businesses identify, assess, mitigate & respond to the risks they face.
We are passionate about making the Internet safer and revolutionising the way in which organisations think about cyber security.
Headquartered in Manchester, UK, with over 35 offices across the world, NCC Group employs more than 2,000 people and is a trusted advisor to 15,000 clients worldwide.
We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.
If you do not want us to retain your details, you can utilise the Manage Your Data tool provided by Pinpoint or contact us directly at:
[email protected]. All personal data is held in accordance with the NCC Group Privacy Notice.
We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.
Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process.