Founding Detection Engineer – Cloud Security (Azure & KQL)
Rotterdam - Netherlands
Job Summary
What if you could build detection systems that protect critical national infrastructure and shape the entire security stack from day one?
Cybersecurity is more than compliance; it's infrastructure. We're launching a new cybersecurity startup to protect cloud-native systems behind critical public services. As our first detection engineer, you'll help define how we identify threats, respond to them, and build smart defenses from the ground up.
This isn't about joining an existing team; you'll shape the team. You'll have full influence on how detection is built, automated and scaled, with the freedom to choose the best tools for the job.
What you'll do:
Build and fine-tune threat detection strategies using Microsoft Sentinel and Defender tools
Write and iterate on KQL queries to hunt signals and reduce alert fatigue
Design and automate incident response workflows using scripting and playbooks
Work in Azure-based cloud environments where security is core, not bolted on
Translate threat intel into real detection logic and share insights with team and clients
Help shape how we think about Blue Team practices, from first draft to future roadmap
What you'll bring
Strong experience with Microsoft Sentinel and Defender for Cloud, Endpoint or XDR
Confidence writing KQL from scratch and tuning it to reduce noise and improve signal
Hands-on knowledge of MITRE ATT&CK and how it maps to real-world threats
Experience scripting in PowerShell or Python
An ownership mindset: you're proactive, technically curious and comfortable building in the unknown
Bonus if you have
Microsoft certifications (SC-200, AZ-500 or SC-100)
Experience in startup, freelance or early-stage environments
A passion for sharing knowledge (brown-bags, tooling experiments, blog posts)
Experience helping shape SOC processes or automation tooling
What we offer
A gross annual salary between 58000 and 93600 based on your experience
8% holiday allowance and a performance-based bonus
Mobility budget or lease car option
Hybrid working setup: remote flexibility with office access when needed
25 vacation days, solid pension scheme and travel reimbursement
2500 annual learning & development budget to stay current with the security landscape
Access to professional hacker tools, cyber ranges and internal labs
Freedom to explore your ideas, contribute to open source and participate in internal hackathons
The chance to build from scratch, influencing not just tooling but culture, process and future hires
A real mission: helping protect national-level systems and making a measurable societal impact
Our process
Step 1: Intro call
Step 2: Meeting founder partners
Step 3: Team interview Technical deep-dive
Step 4: Offer
We aim to complete the process within 5 working days of your first call.
Let's talk
Interested but not sure if you check every box? We'd still love to hear from you. No formal cover letter needed; just reach out and let's start a conversation.