
How your CV stacks up
Upload your CV to see how well it fits this job role
?%
We’re looking for a Detection Engineer to join our Customer Experience, Research, and Training (CERT) team and take ownership of the hard part of detection engineering. You’ll be the technical specialist who takes detection logic out of the lab and proves it in the wild, validating, tuning, and operationalising detections inside real customer environments where the stakes are real. Working closely with and reporting to the Lead Detection Engineer, you’ll ensure the detections we ship are investigation-ready, operationally effective, and grounded in how adversaries actually behave—not how we wish they did. If you’re excited by the challenge of turning real attacker behaviour into detections that actually catch them, and enjoy bridging the gap between research and real-world operations, we’d love to hear from you.
- What you’ll do Build, validate, and sharpen detection logic based on live investigative research and emerging threats Pressure-test detections against real-world telemetry — not synthetic test data Partner directly with Product Engineering to push high-confidence detections and investigative insights into Binalyze AIR, so the platform evolves at the speed of the threat landscape Turn what we learn from attackers this week into detection capability next week
- What Good Looks Like By 3 months: Onboarded with CERT, Product, and Engineering; baseline understanding of Binalyze AIR detection coverage, customer telemetry patterns, and the current detection backlog; validated and tuned a first set of detections in for at least one product type; first structured feedback delivered to CERT on detection efficacy. By 6 months: Established subject-matter ownership of at least one attacker-technique area; consistent flow of validated detection improvements landing in Binalyze AIR; recognised technical escalation point during complex customer investigations; trusted partner to Solutions Consulting and Forward Deployed Security Architects (FDSA) on detection-related engagements. By 12 months: Measurable improvement in detection quality and investigative signal across the portfolio; faster validation of detections in real customer environments; reduced friction during investigations involving detection logic; demonstrable influence on detection-related roadmap decisions; positive feedback from Solutions Consulting, FDSA, and Product teams.
- What we're looking for Education and Experience: Education: Bachelor’s degree in Computer Science, Cybersecurity, or related field; or equivalent professional experience. Experience: Strong background in cybersecurity investigations, detection engineering, threat hunting, or security operations Hands-on experience developing, validating, and tuning detections in live or production environments Practical experience with detection and analysis technologies such as YARA, Sigma, SQL, and Python Familiarity with reverse engineering, malware analysis, or deep artifact analysis to support detection development Deep understanding of attacker techniques, tradecraft, and investigative workflows across endpoint, network, and cloud environments Ability to translate technical findings into clear, actionable feedback for Product and Engineering teams Preferred/Desirable: DFIR, SOC, or threat detection background in enterprise environments Experience contributing detections to security platforms or products Familiarity with endpoint, log, or telemetry-based detection systems Experience working in fast-moving, customer-facing security roles Skills & Behaviours Skills: Technical skills: You develop, validate, and tune detection logic using YARA, Sigma, SQL, and Python in real production environments. Detection engineering: You design detections grounded in investigator workflows and attacker tradecraft — not abstract theory — and refine them continuously based on real customer outcomes. Communication: You translate complex technical findings into clear, actionable feedback for Product and Engineering teams. Relationship building: You partner with customers, Solutions Architecture, and Field CIROs without losing technical rigor or investigative depth. Data-driven: You ground detection decisions in real telemetry, attacker behavior, and investigative outcomes — not theory. Project management: You manage multiple concurrent detection workstreams across live engagements and product integration without dropping signal. AI & Automation Fluency: Advanced. You design and build AI-powered automation systems across functions with a focus on business impact. You are expected to operate at Game Changer level on the Binalyze AI Fluency Matrix. Behaviours: Adaptability: You work comfortably with ambiguity and shifting attacker landscapes. You make calls with incomplete information and adjust as evidence emerges. Initiative: You identify detection gaps and investigative friction points without being asked. You don't wait for a brief. Collaborative: You work across CERT, Product, and Engineering as equal partners, sharing credit and surfacing tradeoffs honestly. Growth mindset: You treat every customer investigation as a chance to sharpen your detection craft and your understanding of attacker behavior. Remote working: You are effective at working asynchronously across time zones. You communicate proactively in writing (Slack, Confluence) and don't rely on being in the same room. +What we offer 28 days holiday allowance + wellbeing days + birthday off! Private medical insurance for you and your family. A supportive and collaborative team that's as passionate as you are. Home office setup support and fully remote and flexible working Great opportunities for growth and development Entertainment allowance Healthy living allowance
- Ready to make an impact? If you’re passionate about building great products, solving complex problems, and advancing the future of cybersecurity, we’d love to meet you.
- Diversity & Inclusion At Binalyze, we are committed to building a diverse and inclusive team. We welcome applicants from all backgrounds, perspectives, and experiences.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location