Senior Security Engineer

Senior Security Engineer
Cambridge (Flexible working arrangements available)
£70k-£80k

If you've ever been the one who spotted the anomaly before it became an incident, or the engineer who built the tool that turned days of investigation into minutes-you'll feel right at home here.
This is a senior role for someone who wants to move beyond responding to alerts and instead shape how security detection, automation, and response are built from the ground up. You'll have real influence over architecture, tooling, and strategy while working alongside experienced engineers in an organisation that actually listens to its security team.

What's in it for you from day one?

• Private medical and dental coverage
• Enhanced family leave with zero waiting period
• Flexible working hours and a hybrid environment
• Buy and sell holiday options on top of 25 days leave plus bank holidays
• 6% employer pension contributions
• Mental health and counselling support
• Annual performance bonus
• A progressive, supportive security team where your ideas are welcomed and actioned

Your role in a nutshell
You'll be the person designing how threats are detected, how alerts are enriched, and how teams respond. This more than a monitoring role, it's an engineering role with a focus on proactive defence. You'll automate workflows, fine-tune detections, investigate incidents, and make sure that when something does go wrong, it's contained quickly and effectively.
What you'll be responsible for

• Designing and maintaining scalable detection logic across cloud and on-prem environments
• Developing automation that reduces response time and removes repetitive analyst work
• Writing scripts and tooling that help collect, correlate, and enrich event data
• Performing deep investigations when incidents occur and making sure we don't see the same issue twice
• Continuously improving processes, playbooks, and tooling based on real-world lessons
• Collaborating with internal engineering teams and external providers to enhance security coverage and visibility
• Sharing knowledge across the team and helping level-up how we operate as a security function

What we're looking for

• Significant experience (roughly 7 to 10 years) in security operations, detection engineering, or incident response
• Deep understanding of attacker techniques, detection methodologies, and response frameworks like MITRE ATT&CK
• Comfortable working in cloud-native environments (especially AWS) with a focus on building or integrating security tooling
• Hands-on experience with SIEMs and log pipelines
• Experience working within a Software/Technical organisation

What makes this different?
You won't be buried under alerts or stuck fighting fires. This is a space where detection is strategic, automation is encouraged, and your voice will genuinely shape how things are done. You'll be given the time, tools, and trust to build security solutions that scale.
Sound like your kind of environment? Contact Andy Clarke at The One Group for more information! All discussions will be treated confidentially.

#J-18808-Ljbffr