RemoteLeaf Logo
Log in Sign up

Senior Security Engineer - Detection & Response - EU/UK

1 week ago
United Kingdom
Full-time
Lead
Security Engineer
Cybersecurity
AWS Git SIEM
Apply Now
Marqeta

Marqeta

Marqeta is a pioneer in modern card issuing and payment solutions, offering businesses instant card issuance and payment processing through their innovative open API platform.

Diversified Financial Services
251-1K
Founded 2010
View All Jobs 27

Description

  • Lead the incident response program and serve as incident commander during security events of all severity levels.
  • Monitor the environment for cyber threats and manage day-to-day security alerts through analysis, triage, and response.
  • Execute incident response activities aligned with the NIST Incident Response Lifecycle to detect, contain, eradicate, recover, and learn from incidents.
  • Maintain and improve the Cybersecurity Incident Response Plan, playbooks, runbooks, and standard operating procedures.
  • Participate in 24x7x365 on-call rotations and support post-incident reviews.
  • Research threat intelligence sources and lead hypothesis-driven threat hunting in corporate and production environments.
  • Partner with Security Engineering and Security Solution Engineering to tune tools, improve detections, and deploy detections through CI/CD pipelines.
  • Design, develop, and maintain detection logic using a detections-as-code approach for SIEM and EDR platforms.
  • Map detection coverage to MITRE ATT&CK and identify gaps to prioritize detection development.
  • Coordinate with HR, law enforcement, response retainers, cyber insurers, Fraud, Compliance, and Risk teams during relevant security incidents.

Requirements

  • 5+ years of hands-on experience in security operations with strong expertise in incident response, digital forensics, and threat hunting.
  • Experience serving as an incident commander or leading incident response workstreams under pressure.
  • Strong knowledge of the NIST Incident Response Lifecycle and incident response documentation and procedures.
  • Proficiency with security monitoring and forensic tools including EDR, SIEM, and SOAR systems.
  • Experience developing detections-as-code, including version control, CI/CD pipelines, and detection testing frameworks.
  • Working knowledge of MITRE ATT&CK and its use for assessing detection coverage and mapping threat actor TTPs.
  • Experience contributing to post-incident reviews and implementing improvements from lessons learned.
  • Solid understanding of threat actor TTPs and the ability to apply threat intelligence to detection and response.
  • Experience tuning security solutions and building automation workflows to improve monitoring and response efficiency.
  • Working knowledge of AWS cloud services and securing cloud environments.
  • Experience in payment processing, fintech, or another highly regulated environment; familiarity with PCI DSS incident handling is a plus.
  • Ability to communicate effectively with technical and non-technical stakeholders during incidents and investigations.
  • Proven ability to work independently and judge when to engage teammates or escalate issues.
  • Willingness to mentor and support junior security professionals.
  • UK-based and able to work remotely anywhere in the UK or from the London office.

Benefits

  • Premium private medical and dental coverage.
  • Generous time off program with additional floating holiday days.
  • Retirement savings program with company contribution.
  • Equity in a publicly traded company plus an Employee Stock Purchase Program.
  • Monthly stipend to support remote work.
  • Annual development stipend for growth and development.
  • Family-forming benefits and up to 20 weeks of parental leave.
  • Wellbeing programs including Modern Health and HealthKick.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Bugcrowd

Cleared Vulnerability Research Engineer

Bugcrowd 1K-5K Internet Software & Services

Bugcrowd is hiring a cleared exploit development specialist to independently build novel vulnerability discovery and exploitation capabilities for real-world targets in a remote role with travel to customer sites.

United States Full-time Lead Research Scientist Security Engineer
$155k-$194k
Assembly C Python
1 hour ago
ShipMonk

VP, Information Technology

ShipMonk 1K-5K Air Freight & Logistics

ShipMonk is hiring a Vice President of Information Technology to lead its global IT function across fulfillment centers and corporate offices, shaping infrastructure, cybersecurity, service delivery, and workplace technology to support rapid operational growth.

United States Full-time Executive Infrastructure Engineer Security Engineer
Cybersecurity DHCP DNS
3 hours, 27 minutes ago
instacart.careers

Senior Security Engineer II

instacart.careers 1K-5K Internet Software & Services

Instacart is hiring a Security Engineer on the CAPS team to secure cloud infrastructure, AI systems, and product surfaces while helping engineering teams ship new features safely.

Canada Full-time Senior Security Engineer
$145k-$153k
3 hours, 27 minutes ago
Censys

Director of Security/GRC

Censys 51-250 IT Services

Censys is hiring a Director of Security & GRC to lead corporate security, risk, and compliance programs for a remote U.S. team supporting internet intelligence operations.

United States Full-time Executive Penetration Tester Security Engineer
$180k-$237k
AWS Azure Cybersecurity GCP SIEM
3 hours, 27 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers