RemoteLeaf Logo
Log in Sign up

Senior Security Engineer - Detection & Response - EU/UK

4 weeks ago
United Kingdom
Full-time
Lead
Security Engineer
Cybersecurity
AWS Git SIEM
Apply Now
Marqeta

Marqeta

Marqeta is a pioneer in modern card issuing and payment solutions, offering businesses instant card issuance and payment processing through their innovative open API platform.

Diversified Financial Services
251-1K
Founded 2010
View All Jobs 30

Description

  • Lead the incident response program and serve as incident commander during security events of all severity levels.
  • Monitor the environment for cyber threats and manage day-to-day security alerts through analysis, triage, and response.
  • Execute incident response activities aligned with the NIST Incident Response Lifecycle to detect, contain, eradicate, recover, and learn from incidents.
  • Maintain and improve the Cybersecurity Incident Response Plan, playbooks, runbooks, and standard operating procedures.
  • Participate in 24x7x365 on-call rotations and support post-incident reviews.
  • Research threat intelligence sources and lead hypothesis-driven threat hunting in corporate and production environments.
  • Partner with Security Engineering and Security Solution Engineering to tune tools, improve detections, and deploy detections through CI/CD pipelines.
  • Design, develop, and maintain detection logic using a detections-as-code approach for SIEM and EDR platforms.
  • Map detection coverage to MITRE ATT&CK and identify gaps to prioritize detection development.
  • Coordinate with HR, law enforcement, response retainers, cyber insurers, Fraud, Compliance, and Risk teams during relevant security incidents.

Requirements

  • 5+ years of hands-on experience in security operations with strong expertise in incident response, digital forensics, and threat hunting.
  • Experience serving as an incident commander or leading incident response workstreams under pressure.
  • Strong knowledge of the NIST Incident Response Lifecycle and incident response documentation and procedures.
  • Proficiency with security monitoring and forensic tools including EDR, SIEM, and SOAR systems.
  • Experience developing detections-as-code, including version control, CI/CD pipelines, and detection testing frameworks.
  • Working knowledge of MITRE ATT&CK and its use for assessing detection coverage and mapping threat actor TTPs.
  • Experience contributing to post-incident reviews and implementing improvements from lessons learned.
  • Solid understanding of threat actor TTPs and the ability to apply threat intelligence to detection and response.
  • Experience tuning security solutions and building automation workflows to improve monitoring and response efficiency.
  • Working knowledge of AWS cloud services and securing cloud environments.
  • Experience in payment processing, fintech, or another highly regulated environment; familiarity with PCI DSS incident handling is a plus.
  • Ability to communicate effectively with technical and non-technical stakeholders during incidents and investigations.
  • Proven ability to work independently and judge when to engage teammates or escalate issues.
  • Willingness to mentor and support junior security professionals.
  • UK-based and able to work remotely anywhere in the UK or from the London office.

Benefits

  • Premium private medical and dental coverage.
  • Generous time off program with additional floating holiday days.
  • Retirement savings program with company contribution.
  • Equity in a publicly traded company plus an Employee Stock Purchase Program.
  • Monthly stipend to support remote work.
  • Annual development stipend for growth and development.
  • Family-forming benefits and up to 20 weeks of parental leave.
  • Wellbeing programs including Modern Health and HealthKick.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Anduril Industries

Senior Detection and Response Engineer

Anduril Industries 1K-5K Aerospace & Defense

Anduril Industries is hiring a Senior Detection and Response Engineer to build and operate defensive security controls that protect the infrastructure supporting its defense technology products.

United States Full-time Senior Security Engineer
$166k-$220k
AWS Azure CI/CD CloudFormation Docker GitHub Go Kubernetes Network Security Python Rust SQL Terraform
2 hours, 9 minutes ago
Klaviyo

Lead Security Engineer, Enterprise Security

Klaviyo 1K-5K IT Services

Klaviyo is hiring a Lead Security Engineer to secure its corporate systems and platforms across SaaS, identity, endpoints, Zero Trust networking, and perimeter defenses in a hands-on technical leadership role.

United States Full-time Lead Security Engineer
$175k-$263k
AWS Azure Cloudflare CrowdStrike GCP OAuth OpenID Connect Secrets Management Terraform Vercel
2 hours, 41 minutes ago
Anduril Industries

Staff Security Engineer

Anduril Industries 1K-5K Aerospace & Defense

Anduril Industries is hiring a Security Engineer to secure its OT and ICS environments and help design foundational defenses for advanced defense technology and factory systems.

United States Full-time Lead Security Engineer
$191k-$253k
Go Linux Python Rust
4 hours, 52 minutes ago
INflow Federal

DevSecOps Engineer

INflow Federal 51-250 Aerospace & Defense

INflow Federal is seeking a fully remote DevSecOps Engineer to support an enterprise case management solution for Department of Defense mission partners by securing and automating cloud-based CI/CD and infrastructure operations in AWS GovCloud.

United States Full-time Senior DevOps Engineer Security Engineer
Agile AWS Bash CI/CD CloudFormation Docker ELK Stack Git GitLab CI Helm Jenkins Kubernetes PowerShell Prometheus Python Terraform
5 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers