Detection Content Lead

Dyddiad hysbysebu:	02 Gorffennaf 2025
Cyflog:	£60,700 i £66,330 bob blwyddyn
Gwybodaeth ychwanegol am y cyflog:	New entrants to the Civil Service will start their role on the salary band minimum: £60,300 for National Roles. You may be eligible for an additional non-pensionable allowance, pending a Capability and Skills assessment, with a value of up to £20,100 (l
Oriau:	Llawn Amser
Dyddiad cau:	16 Gorffennaf 2025
Lleoliad:	Manchester
Cwmni:	Government Recruitment Service
Math o swydd:	Parhaol
Cyfeirnod swydd:	414513/1

Crynodeb

The Detection Content Lead sets the strategy for developing and maintaining detection rules across security tools. This role blends technical expertise in threats and adversaries with hands-on experience in tooling, data ingestion, and rule deployment. The post holder leads a team of detection engineers and works closely with threat, monitoring, and onboarding teams to deliver high-quality, scalable, and actionable detection content aligned with adversary techniques.

Your day-today responsibilities will be to:

• Design, test, and document detection rules to ensure effective coverage with minimal false positives.

• Prioritise rule deployment based on threat relevance, data quality, and system performance.

• Define and maintain a detection strategy aligned with evolving threats, regularly reviewing coverage and proposing improvements.

• Coordinate across threat, monitoring, incident response, onboarding, and engineering teams to align efforts and track progress.

• Recommend tooling enhancements, including integrations, technical add-ons, automation, and detection-as-code solutions.

• Manage the full content lifecycle—from creation to tuning—ensuring version control and documentation are maintained.

• Lead the Detection Content team, aligning work with CSOC operations and supporting the broader Threat Operations strategy. 

Due to the requirements of the role, the successful candidates will be required to work full-time (37 hours per week).

Hybrid Working

DDaT is geographically spread across multiple locations with most staff working in line with the Department’s hybrid working arrangements (a minimum of 60% of time in an office location, with the remainder working from home). The successful candidate will be based at Manchester Soapworks and there may be a requirement for occasional travel to other locations.

We are holding a Home Office Cyber Security candidate information event on 14th July 2025; please use the following link to register. Digital, Data and Tech Event: Cyber Security

Aelod balch o'r cynllun cyflogwyr Hyderus o ran Anabledd

Gwybodaeth am Hyderus o ran Anabledd

Yn gyffredinol, bydd cyflogwr Hyderus o ran Anabledd yn cynnig cyfweliad i unrhyw ymgeisydd sy'n datgan eu bod yn anabl ac yn bodloni'r meini prawf lleiaf ar gyfer y swydd fel y diffinnir gan y cyflogwr. Mae'n bwysig nodi, mewn rhai sefyllfaoedd recriwtio fel nifer fawr o ymgeiswyr, cyfnod tymhorol ac amseroedd prysur iawn, efallai y bydd y cyflogwr am gyfyngu ar y niferoedd cyffredinol o gyfweliadau a gynigir i bobl anabl a phobl nad ydynt yn anabl. Am fwy o fanylion ewch i Hyderus o ran Anabledd.