JOB TITLE: Detection & Response Engineer
LOCATION(S): Leeds, Manchester, Bristol, London or Edinburgh
HOURS: Full time (This role will include a requirement to work as part of an on-call rota)
WORKING PATTERN: Our work style is hybrid, which involves spending at least two days per week, or 40% of our time, at our locations noted above.
About this opportunity
At Lloyds Banking Group, we’re moving to the next stages of our digital transformation, and it’s our job within the Chief Security Office (CSO) to ensure that we keep our customers, colleagues and assets safe from threat.
Our Cyber & Physical Defence Centre is undertaking an end-to-end modernisation to increase our ability to stay one step ahead of cyber adversaries. We pride ourselves on our innovative approach and our commitment to excellence in cyber security.
Join us as a skilled and proactive Detection and Response Engineer and play a pivotal role in safeguarding our organisation against cyber threats!
What you’ll do
Design, code and operationalise detection rules based on threat models and intelligence
Fine-tune detection rules and monitor their performance
Support detection automation and playbook editing
Conduct proactive threat hunting and threat modelling
Perform cyber event triage, classification, and investigation
Complete containment, remediation, and recovery activities
Build and maintain reporting mechanisms and documentation
Perform root cause analysis and support post-incident reviews
Why Lloyds Banking Group
Like the modern Britain we serve, we’re evolving. Investing billions in our people, data, and tech to transform the way we meet the ever-changing needs of our 26 million customers. We’re growing with purpose. Join us on our journey and you will too.
What you’ll need
Previous experience of working in a cyber security operations context
Ability to analyse security logs and events
Knowledge of threat detection lifecycle, attacker behaviour and Tactics, Techniques and Procedures (TTPs)
An understanding of advanced cyber defence concepts such as Continuous Detection/Continuous Response and Cyber Threat Intelligence, and how to apply them
Understanding of detection logic (e.g. SIEM use cases) and detection-as-code (DaC)
Ability to communicate technical information clearly to non-technical audiences
About working for us
Our ambition is to be the leading UK business for diversity, equity and inclusion supporting our customers, colleagues and communities and we’re committed to creating an environment in which everyone can thrive, learn and develop.
We were one of the first major organisations to set goals on diversity in senior roles, create a menopause health package, and a dedicated Working with Cancer Initiative.
We offer reasonable workplace adjustments for colleagues with disabilities, including flexibility in office attendance, location and working patterns. And, as a Disability Confident Leader, we guarantee interviews for a fair and proportionate number of applicants who meet the minimum criteria for the role with a disability, long-term health or neurodivergent condition through the Disability Confident Scheme.
We provide reasonable adjustments throughout the recruitment process to reduce or remove barriers. Just let us know what you need.
We also offer a wide-ranging benefits package, which includes:
A generous pension contribution of up to 15%
An annual performance-related bonus
Share schemes including free shares
Benefits you can adapt to your lifestyle, such as discounted shopping
Up to 30 days holiday, with bank holidays on top
A range of wellbeing initiatives and generous parental leave policies.
Want to do amazing work, that’s interesting and makes a difference to millions of people? Join our journey.
