Operations Advisor, Cyber Defense Operations

Cyderes
Reading, United Kingdom
1 month ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Reading, United Kingdom

Tech stack

Computer Security
Query Languages
Intrusion Detection and Prevention
Kusto Query Language
Security Information and Event Management
Mitre Att&ck
Microsoft Sentinel
Cyber Warfare
Splunk

Job description

The Operations Advisor is the primary technical owner of detection outcomes for assigned clients. You drive detection quality, identify gaps in coverage, and advance client security maturity through expert-level advisory and hands-on detection engineering., * Own and maintain detection coverage aligned to the Cyderes Rule Set

  • Lead tuning and optimization of detection rules across SIEM platforms
  • Identify, prioritize, and remediate detection gaps
  • Execute and guide retrohunt activities to validate detection effectiveness
  • Own the technical account relationship for assigned clients
  • Lead technical cadence calls focused on detection performance, gaps, and outcomes
  • Translate technical findings into risk-based, business-relevant insights
  • Guide clients on prioritization of improvements based on detection impact
  • Act as a trusted advisor on detection strategy and operational effectiveness
  • Support and lead response efforts for security incidents
  • Provide detection-focused expertise during investigations
  • Identify detection improvements based on real-world incident learnings

Requirements

Do you have experience in Splunk?, * 3-5 years of experience in detection engineering, security operations, or a closely related discipline

  • Hands-on proficiency with one or more enterprise SIEM platforms (Splunk, Microsoft Sentinel, Chronicle, or equivalent)
  • Demonstrated experience writing and tuning detection rules in production environments
  • Working knowledge of MITRE ATT&CK and ability to map detections to adversary TTPs
  • Strong client-facing communication - leads technical conversations and earns trust
  • Experience conducting or supporting incident response investigations
  • Experience in a managed security services or MSSP environment serving multiple clients
  • Proficiency in multiple SIEM query languages (SPL, KQL, YARA-L, or similar)
  • Familiarity with SOAR platforms and automation-assisted detection workflows

About the company

Who We Are We help the world Be Everyday Ready Today's threatscape is relentless. So are we. At Cyderes, we specialize in building practical IAM, exposure management, and risk programs, and stopping active threats fast with MDR that works with your existing security tools - all augmented by AI and driven by seasoned operators. Our tireless global team is laser-focused on cybersecurity, arming organizations with the people, platforms, and perspectives they need to conquer whatever tomorrow throws their way. \uD83C\uDFC6 Great Place to Work® Certified \u007C United States · Canada · United Kingdom · India

Apply for this position