Lead Content Detection Engineer - Leeds - National Security West

4 days ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

Location: Leeds

Requisition ID: 122532

Grade: GG10

Referral Bonus: £5,000

About The Role

BAE Systems is recruiting an experienced Detection Engineering Lead to join our Security Operations Centre (SOC) supporting a Critical National Infrastructure (CNI) client. This role blends technical expertise and leadership, responsible for setting the strategic direction of our Detection Engineering function, managing a small team of detection engineers, and ensuring the delivery of world‑class security detection capabilities.

As the Detection Engineering Lead, you will take full ownership of the detection strategy, team development, and service delivery, working closely with senior stakeholders to meet contractual KPIs and drive continuous improvement across the function. This role reports directly to the Service Delivery Manager and works closely with the threat intelligence lead and the SOC manager.

The Opportunity

You will define and maintain the overall detection strategy and roadmap for the Detection Engineering function, ensuring all initiatives and deliverables align to KPIs. You will drive the direction of the engineering function, identify opportunities for service improvements and efficiency enhancements through automation and tooling.

As a people manager, you will lead the Detection Engineering team’s workload and professional development, conducting regular meetings, fostering continuous learning, and delivering knowledge to junior members.

Operational ownership is critical: you will manage business‑as‑usual operations and service improvement initiatives, balancing strategic thinking with operational accountability.

Stakeholder engagement is key: you will communicate detection efficacy, KPIs, and continuous service improvements to the Service Delivery Manager, executives, and wider customer teams, advocating effectively for the team’s requirements at senior levels.

Essential Skills And Experience

• Advanced proficiency in Splunk and Microsoft Sentinel SIEM platforms
• Understanding and experience with AWS and Azure cloud environments
• Advanced understanding of KQL and SPL to write efficient, high‑fidelity detections
• Strong Python programming skills for developing and maintaining automation and Detection as Code pipelines
• Experience monitoring networks and working with threat intelligence, ideally understanding the MITRE ATT&CK framework
• Strong understanding of security detection methodologies and best practices
• Experience creating and presenting strategic direction and managing workloads
• Excellent communication and stakeholder management skills

Preferred Skills And Experience

• Experience with Detection as Code methodologies
• Proficiency in React or JavaScript for tooling development
• Experience in people management and team leadership

Certifications

• SANS courses: SEC599, SEC530, SEC699, FOR608, SEC541
• GIAC certifications: GDAT, GCIH, GCDA, GMON, GSOC, GDSA, GCED
• Other certifications: CISSP, ISSEP, CCSP; vendor‑specific certifications from Splunk, AWS, or Microsoft

What We're Looking For

The ideal candidate will be a strategic thinker with strong decision‑making capabilities and a proactive approach to problem‑solving and continuous improvement. A commitment to team development, knowledge sharing, and staying current with emerging threats and technologies is essential.

About BAE Systems

BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, enabling governments, nation states, armed forces and commercial businesses to unlock digital advantage in the most demanding environments.

Life at BAE Systems Digital Intelligence

We are embracing hybrid working, allowing flexibility for home, office or client sites. This enhances well‑being and balances work and personal life while fostering collaboration and innovation. Diversity and inclusion are integral to our culture, bringing together varied perspectives, skills and backgrounds to achieve excellence and organisational success.

Seniority level

• Mid‑Senior level

Employment type

• Full‑time

Job function

• Engineering and Information Technology

Industries

• IT Services and IT Consulting