Threat Detection Engineer


Location: Glasgow City

Job Type: Full time


Would you like to work in a supportive, collaborative and innovative company?

Do you enjoy working as part of an enthusiastic, passionate, and collaborative team?

Join our DevOps team

The Site Reliability Engineering team deliver complete technical solutions using leading edge technology. We are a skilled team of system developers, software engineers, architects, and support engineers who work as a single unit to understand the problems faced by other departments and design a sustainable solution that fits their needs.

Success. The Softcat Way.

Softcat is a £1billion+ pa turnover technology solutions business and trusted partner to names like Apple, Microsoft and Adobe. Offering a growing portfolio of services including software licensing, cyber security and IT infrastructure, we give our technical teams the tools and support to make exciting things happen. This is where to achieve more for your career.

Our Threat Detection Engineer must have strong background in cyber security and technical adaptability as they are responsible for translating the ever-evolving cyber threat landscape into legitimate threats and developing the associated runbooks and automation to effectively triage them for the CyberOps Team. The Threat Detection Engineer should be comfortable across a range of SIEM alerting platforms and have a development background with strong experience in Python frameworks.

Have you got skills in Python and have experience chasing threats?

As a Threat Detection Engineer, you'll be responsible for:

  • Requirements analysis and SIEM Use Case design, validation, and testing in QA
  • Development of SOC triage runbooks for developing threats
  • Develop Microsoft Sentinel content including Detection rules, Functions, Playbooks, LogicApps and Query Time Parser
  • Work closely with key Softcat Cyber Stakeholders to support the development of strategic roadmaps
  • Contribute to Cyber systems and infrastructure integration initiatives within the business. Working alongside Solution Architects, Management, and engineering.
  • Integrate internal systems with 3rd party products and build tooling around them.
  • Provide 3rd line support for use case automation issues

What we need from you

  • Experience working with in complex MSP environments with stringent security, risk & compliance, and privacy requirements.
  • In Depth knowledge of the MITRE ATT&CK framework
  • Aptitude to pick up new technologies and provide training to other members of the wider engineering team
  • Expertise in Python and Test-driven development
  • Experience Automating and orchestrating using APIs
  • Working Experience with common CI/CD frameworks/tooling (Jenkins/Circle CI/Git Pipelines)
  • Experience with SIEM Platforms, including working with logs and creating correlation searches and dashboards


  • This individual will be put through BPSS clearance, so you will need to be eligible and willing to undergo such vettting.

Work in a way that works for you

We recognise that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns:

  • Hybrid working – 2-3 days in the office and 2-3 days working from home
  • Working flexible hours - flexing the times you start and finish during the day
  • Flexibility around school pick up and drop offs

Working with us

Wherever you work, we want you to experience the freedom and autonomy to realise your potential. You will feel supported by a team that celebrates individuality, encourages different perspectives, and embraces every background.

Join us

To become part of the success story, please apply now

As part of our commitment to supporting, attracting and retaining the best diverse talent, Softcat is proud to partner with organisations like WORK180, My G Work and Black Young Professionals. Work 180 endorse employers that demonstrate on-going support for women at work, including offering benefits and policies that best support female employees. My G Work support us in our aim of attracting more LGBTQ+ talent. The BYP network support us in diversifying our talent pool by tapping into the black professional community.

You’ve got this!