Threat-Led Detection Engineer
Job Description
The Threat-Led Detection Engineer will design and maintain high-quality threat detections within WTW’s Global Information and Cyber Security Defence (ICSD) function, helping identify adversary activity quickly across a global environment. This hands-on role focuses on building and tuning detection rules, mapping them to attacker behaviours, and contributing to a Detection-as-Code framework. Working closely with SOC, Threat Hunting, CTI, and Incident Response teams, you will turn intelligence into effective detections while supporting a global security community and promoting a strong security culture. The role is based in London and follows a hybrid working model, with the expectation of attending the office as and when required on business demand.