Senior Security Engineer

SWIFT
Rotterdam, Netherlands
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Rotterdam, Netherlands

Tech stack

Automation of Tests
Cloud Computing
Cloud Computing Security
Computer Security
Intrusion Detection and Prevention
Red Team (Cyber Security)
Security Information and Event Management
EndPointSecurity
Mitre Att&ck
Cyber Threat Analysis
Tactics, Techniques and Procedures (TTPs)
Cybercrime
Microsoft Sentinel
Purple Team (Cyber Security)
Splunk

Job description

  • Design, develop and continuously improve detection logic across SIEM, EDR/XDR and cloud security platforms.

  • Translate threat intelligence, threat hunting findings and emerging adversary techniques into effective, measurable detections.

  • Develop and maintain detection content aligned to frameworks such as MITRE ATT&CK.

  • Measure and improve detection coverage, effectiveness and fidelity across the organisation.

  • Partner closely with Threat Intelligence, Incident Response and Security Operations teams to identify and close detection gaps.

  • Validate detections through purple team exercises, adversary emulation and attack simulations.

  • Optimise existing detections to reduce false positives and improve analyst experience.

  • Contribute to the development of detection engineering standards, tooling and best practices.

  • Support the integration and enhancement of SIEM, EDR/XDR and cloud-native security technologies.

  • Mentor junior engineers and help raise the technical capability of the wider Cyber Threat Management team.

  • Stay current with emerging threats, attacker tradecraft and detection engineering techniques. What Success Looks Like Within your first year, you will:

  • Expand detection coverage across key attack techniques and adversary behaviours.

  • Improve detection fidelity while reducing operational noise.

  • Develop new detections that address emerging threats relevant to 's environment.

  • Help mature our detection engineering lifecycle, testing practices and content management processes.

  • Become a trusted technical advisor on threat detection and detection engineering across the organisation. Who This Role Is For You may currently be working as a:

  • Detection Engineer

  • Threat Hunter

  • Detection Content Engineer, As part of the interview process, candidates will participate in a practical detection engineering exercise focused on analysing attacker behaviour, identifying relevant telemetry and developing effective detection logic. The assessment is designed to reflect the day-to-day responsibilities of the role and provides an opportunity to demonstrate hands-on technical expertise. What we offer We give you the freedom to be yourself. We are creating an environment of unique individuals - like you - with different perspectives on the financial industry and the world. A diverse and inclusive environment in which everyone's voice counts and where you can reach your full potential. We are committed to an inclusive and accessible recruitment process. If you require a reasonable accommodation related to accessibility during your application or interview, please contactor indicate this in your application. At , we are dedicated to building a workplace where people can bring their full selves and ideas to the team, so if you are excited about this role, we encourage you to apply even if you do not meet every single qualification.

Requirements

  • 5+ years of cybersecurity experience, including significant hands-on experience in threat detection engineering, threat hunting or closely related disciplines.

  • Experience designing, implementing and maintaining detection content within SIEM platforms such as Splunk, Microsoft Sentinel, Elastic, Chronicle or similar technologies.

  • Strong understanding of attacker tactics, techniques and procedures (TTPs) and the MITRE ATT&CK framework.

  • Experience developing detections using endpoint, network, identity, cloud and application telemetry.

  • Hands-on experience with EDR/XDR platforms and endpoint detection methodologies.

  • Experience translating threat intelligence and threat hunting outcomes into operational detection content.

  • Knowledge of detection-as-code principles, content lifecycle management and automated testing approaches.

  • Familiarity with cloud security monitoring and detection use cases across modern cloud environments.

  • Strong analytical, investigative and problem-solving skills.

  • Excellent communication and stakeholder management skills.

  • Experience mentoring and developing junior engineers. Desirable Experience

  • Experience with adversary emulation, purple teaming or red team collaboration.

  • Experience using automation to improve detection engineering workflows.

  • Familiarity with UEBA and behavioural detection approaches.

  • Relevant certifications such as GIAC, SANS, GCDA, GCTI, GMON, MAD20 or similar.

About the company

We're the world's leading provider of secure financial messaging services, headquartered in Belgium. We are the way the world moves value - across borders, through cities and overseas. No other organisation can address the scale, precision, pace and trust that this demands, and we're proud to support the global economy. We're unique too. We were established to find a better way for the global financial community to move value - a reliable, safe and secure approach that the community can trust, completely. We're always striving to be better and are constantly evolving in an ever-changing landscape, without undermining that trust. Five decades on, our vibrant community reflects the complexity and diversity of the financial ecosystem. We innovate diligently, test exhaustively, then implement fast. In a connected and exciting era, our mission has never been more relevant. now has a presence in 200+ countries and legal territories to serve a community of more than 12,000 banks and financial institutions. For nearly five decades, has been a trusted partner to the global financial ecosystem, enabling secure and seamless financial flows across the world. As the cyber threat landscape continues to evolve, protecting the systems that underpin global finance has never been more critical. Our Cyber Threat Management team is looking for an experienced and highly technical Senior Detection Engineer to help strengthen and advance our threat detection capabilities. This is an opportunity to work at the forefront of cybersecurity, developing high-fidelity detections that identify sophisticated adversary activity across enterprise, cloud and hybrid environments. This role is ideal for someone who is passionate about detection engineering, threat hunting and adversary-focused defence. You will play a key role in transforming threat intelligence and attacker behaviours into actionable detection content that helps protect one of the world's most critical financial infrastructures. What to Expect

Apply for this position