HR agency Elevate

Technical Lead (Threat detection)

The job listing is published in the following categories

  • Anywhere

    Tech Stack / Requirements

     

    Join a modern cyber engineering organization working on large-scale detection capabilities across hybrid cloud.

    High-impact role with full ownership over the SIEM roadmap, data onboarding and threat-driven use cases. Lead a mature team and shape the next evolution of the platform.

     

    Core tasks:

    • Own and drive the SIEM roadmap, ensuring alignment with the broader cybersecurity strategy.
    • Lead the design, development and improvement of detection use cases across SIEM, EDR and cloud-native platforms.
    • Manage onboarding of new data sources (parsing, normalization, validation of log quality).
    • Collaborate closely with other teams to translate emerging threats into actionable detection scenarios.
    • Work with engineering teams to enhance automation, integrations and overall SIEM platform functionality.
    • Break down epics into clear tasks, distribute work across the engineering team and ensure smooth execution.
    • Provide architectural guidance for SIEM-related components and maintain high-quality detection standards.
    • Develop and maintain reporting capabilities (dashboards, KPIs, coverage metrics).
    • Coordinate with stakeholders to ensure consistent processes, visibility and platform maturity.

     

    Your profile:

    • Strong background in cybersecurity with hands-on experience in SIEM engineering, detection development or threat-driven security.
    • 3+ years in a senior technical role (staff engineer, team lead, or similar).
    • Good understanding of threat frameworks and the cyber kill chain.
    • Experience designing and optimizing correlation rules, analytical logic, dashboards.
    • Practical experience with data ingestion, log onboarding, normalization.
    • Exposure to hybrid environments and enterprise-scale logging architectures.
    • Proficiency with at least one major SIEM/EDR platform (Splunk, LogRhythm, QRadar, or similar).
    • Ability to mentor and guide engineering teams, strategic mindset.
    • Professional certifications are considered an advantage.

    Benefits:

    • Mature engineering team and professional environment.
    • Work from abroad opportunities.
    • Employee assistance programs.
    • Budget for training & certs.
    • Up to 35 days paid leave.
    • Flexible working hours.
    • Hybrid (2 days office).
    • Luxury insurance.
    • Meal vouchers.
    • Sport card.

     

     

    Thank you for applying! Only shortlisted candidates will be contacted.