Millennium SOC is looking for an experienced Threat Detection Engineer to drive our best-in-class posture.

This is a highly technical role, and successful candidates will have demonstrable knowledge and experience across a range of business and security technologies within a fast-paced organisation.

Principal Responsibilities

• Identify modern evolving threats and develop new detection and response approaches
• Create and operate high-fidelity detections mechanisms that drive efficient, effective and repeatable response
• Own, operate and automate detection and response workflows, that enable the team to focus on strategic objectives
• Lead Information Security response activities for the firm
• Work across business and technology teams to deliver positive outcomes across the firm
• Explain complex technology and information security related concepts to a wide range of stakeholders
• Enforce security policies and procedures by administering and monitoring appropriate systems, events and answering stakeholder queries
• Monitor new and emerging security and privacy related technologies, trends, issues, and solutions and assess their applicability to Millennium key business initiatives and business strategies
• Ensure Millennium Information Security capabilities remain fit for purpose and evolve to meet the changing threat landscape

Qualifications/Skills Required

• Bachelor or master’s degree in computer science or cyber security with strong IT background or equivalent demonstrable experience
• 3 years’ experience working in a security engineering role, financial industry experience preferred
• Experience in creating detections in modern query languages (KQL, SQL, SPL)
• Possesses security certifications (Security+, OSCP, CISSP, CEH, GCIA, GCIH)
• Experience with modern security tooling across security domains; network, endpoint, data, identity and cloud
• Experience in standard enterprise technology stack, Active Directory, Entra, Group Policy, Intune, DNS, TCP/IP, PKI, Microsoft 365, Windows, Linux, MacOS, etc.
• Ability to handle sensitive and/or confidential materials with appropriate discretion
• Required scripting, development and automation skills using PowerShell or Python and proficient development tools
• Experience in OSINT, Threat hunting and analysing malicious emails
• Able to prioritise in a fast moving, high pressure, constantly changing environment

XML job scraping automation by YubHub

This is a unique opportunity to shape how frontier AI models handle dual-use cybersecurity knowledge,balancing the tremendous potential of AI to advance legitimate security research and defensive capabilities while preventing misuse by malicious actors.

In this role, you will lead and grow a team of technical specialists focused on cyber threat modeling and evaluation frameworks. You will serve as the primary domain expert on cyber harms, advising cross-functional teams on threat landscapes and mitigation strategies.

You will collaborate closely with internal and external threat modeling experts to develop training data for safety systems, and with ML engineers to train these systems, optimizing for both robustness against adversarial attacks and low false-positive rates for legitimate security researchers.

You will also analyze safety system performance in traffic, identifying gaps and proposing improvements. You will conduct regular reviews of existing policies and enforcement systems to identify and address gaps and ambiguities related to cybersecurity risks.

You will develop rigorous stress-testing of safeguards against evolving cyber threats and product surfaces. You will partner with Research, Product, Policy, Security Team, and Frontier Red Team to ensure cybersecurity safety is embedded throughout the model development lifecycle.

You will translate cybersecurity domain knowledge into actionable safety requirements and clearly articulated policies. You will contribute to external communications, including model cards, blog posts, and policy documents related to cybersecurity safety.

You will monitor emerging technologies and threat landscapes for their potential to contribute to new risks and mitigation strategies, and strategically address these.

You will mentor and develop team members, fostering a culture of technical excellence and responsible AI development.

To be successful in this role, you will need to have:

• An M.S. or PhD in Computer Science, Cybersecurity, or a related technical field, OR equivalent professional experience in offensive or defensive cybersecurity
• 5+ years of hands-on experience in cybersecurity, with deep expertise in areas such as vulnerability research, exploit development, network security, malware analysis, or penetration testing
• 2+ years of experience managing technical teams or leading complex technical projects with multiple stakeholders
• Experience in scientific computing and data analysis, with proficiency in programming (Python preferred)
• Deep expertise in modern cybersecurity, including both offensive techniques (vulnerability research, exploit development, penetration testing, malware analysis) and defensive measures (detection, monitoring, incident response)
• Demonstrated ability to create threat models and translate technical cyber risks into policy frameworks
• Familiarity with responsible disclosure practices, vulnerability coordination, and cybersecurity frameworks (e.g., MITRE ATT&CK, NIST Cybersecurity Framework, CWE/CVE systems)
• Strong analytical and writing skills, with the ability to navigate ambiguity and explain complex technical concepts to non-technical stakeholders
• Experience developing policies or guidelines at scale, balancing safety concerns with enabling legitimate use cases
• A passion for learning new skills and an ability to rapidly adapt to changing techniques and technologies
• Comfort working in a fast-paced environment where priorities may shift as AI capabilities evolve
• Track record of translating specialized technical knowledge into actionable safety policies or enforcement guidelines

Preferred qualifications include:

• Background in AI/ML systems, particularly experience with large language models
• Experience developing ML-based security systems or adversarial ML research
• Experience working with defense, intelligence, or security organizations (e.g., NSA, CISA, national labs, security contractors)
• Published security research, disclosed vulnerabilities, or participated in bug bounty programs
• Understanding of Trust & Safety operations and content moderation at scale
• Certifications such as OSCP, OSCE, GXPN, or equivalent demonstrating technical depth
• Understanding of dual-use security research concerns and ethical considerations in AI safety

The annual compensation range for this role is $320,000-$405,000 USD.

XML job scraping automation by YubHub

This role is heavily weighted toward detection engineering. You should think in terms of adversary behaviour and telemetry coverage, not just alert triage. You'll own detections end-to-end: from identifying gaps in coverage, through designing and testing detection logic, to tuning and validating in production.

Key Responsibilities:

• Design, build, test, and tune high-fidelity detection rules and analytic queries across endpoint, cloud, network, identity, and DLP telemetry sources

• Develop and maintain detection content using detection-as-code practices including version-controlled logic, automated testing, and CI/CD deployment

• Map detection coverage to MITRE ATT&CK, identify gaps, and prioritise new detection development based on threat intelligence and business risk

• Engineer correlation rules, behavioural analytics, and anomaly-based detections that minimise false positives while surfacing real adversary tradecraft

• Own the detection lifecycle from initial development through production tuning, performance monitoring, and retirement

• Build and operate pipelines to ingest, normalise, enrich, and manage security telemetry at scale across diverse data sources, using Terraform and infrastructure-as-code practices to deploy and maintain logging and detection infrastructure

• Design and maintain log collection, parsing, and enrichment configurations that ensure the right telemetry is available at the right fidelity for detection and investigation

• Evaluate and onboard new telemetry sources as Saronic's infrastructure and threat landscape evolve

• Monitor pipeline health, data quality, and ingestion reliability to ensure detections operate on complete and accurate data

• Develop and manage automated response playbooks in SOAR platforms to accelerate containment and reduce analyst toil

• Build automation that enriches alerts with contextual data, reducing investigation time and improving analyst decision-making

• Support incident response efforts and translate lessons learned into improved detections and playbooks

• Partner with SOC analysts, Cloud Security, Product Security, and IT teams to close visibility and detection gaps across environments

• Collaborate with threat intelligence to ensure detection engineering is informed by current adversary TTPs relevant to defence, maritime, and autonomous systems

Required Qualifications:

• 3+ years of hands-on experience in detection engineering, security operations, security automation, or a closely related security engineering role

• Demonstrated experience designing, testing, and tuning detection rules and analytic queries across production security telemetry (endpoint, cloud, network, identity, or DLP)

• Hands-on experience with SIEM platforms and proficiency with query languages such as SPL, KQL, or equivalent

• Experience building and operating security data pipelines, including log ingestion, normalisation, enrichment, and data quality management

• Understanding of data engineering concepts including ETL pipelines, data modelling, schema design, and indexing as applied to security telemetry

• Hands-on coding experience in Python, PowerShell, Go, or Rust for security automation, detection tooling, or pipeline development, and familiarity with Terraform for managing detection and logging infrastructure as code

• Understanding of MITRE ATT&CK framework and its application to detection coverage and gap analysis

• Ability to obtain and maintain a security clearance

Preferred Qualifications:

• Experience in defence, aerospace, robotics, autonomy, or other high-assurance environments

• Experience with EDR platforms including custom detection rule creation and telemetry analysis

• Experience with cloud-native detection in AWS and Microsoft 365/Azure

• Experience using Terraform to deploy and manage security monitoring infrastructure, log pipeline components, or cloud-native security service configurations

• Hands-on experience with incident response, threat hunting, or adversary emulation

• Exposure to embedded Linux, operational technology, or ICS telemetry and detection

• Familiarity with NIST SP 800-171, NIST SP 800-53, or CMMC and their logging and monitoring requirements

• Relevant certifications such as GCIH, GCIA, GCDA, GSOM, OSDA, or OSCP

Additional Information:

• Benefits: Medical Insurance, Dental and Vision Insurance, Time Off, Parental Leave, Competitive Salary, Retirement Plan, Stock Options, Life and Disability Insurance, Pet Insurance

• This role requires access to export-controlled information or items that require 'U.S. Person' status.

XML job scraping automation by YubHub

Responsibilities: Scoping and performing mobile, web application, cloud, and infrastructure penetration tests. Collaborating with engineering teams to facilitate secure development, including reviewing and analysing proposed technical solutions to identify appropriate security controls, conducting code reviews of features and critical security components, and performing in-depth practical security testing. Advising on the remediation of security issues and identifying solutions to address root causes. Automating security testing and developing internal tooling to achieve continuous assurance. Identifying and implementing improvements to the team's internal processes and procedures. Mentoring less-experienced team members, leading by example in technical assessments, and promoting a collaborative approach to security across Starling.

Requirements: 5+ years technical information security experience. Experience in mobile, web application, cloud, and infrastructure penetration testing. Technical knowledge in mobile security (iOS and Android), web application security, networking and associated protocols, cloud security (AWS and GCP), containers and Kubernetes. Penetration testing qualifications (e.g. CREST Certified Tester, OSCP) or equivalent industry experience. Excellent verbal and written communication skills.

XML job scraping automation by YubHub

As a collaborative problem-solver, you are comfortable working across teams—from executives to engineers—to ensure robust security controls and compliance. You excel at conducting security investigations, analyzing complex events and alerts, and developing actionable metrics. Your familiarity with modern security frameworks, such as MITRE ATT&CK and Cyber Kill Chain, empowers you to identify and mitigate threats proactively. You are detail-oriented, organized, and adept at multitasking, thriving in environments that require prioritization and agility.

You are committed to ongoing learning, staying current with emerging security technologies and frameworks. Your experience spans cloud security (AWS, GCP, Azure), offensive security, and incident response. You enjoy participating in audits and assessments, contributing to a culture of continuous improvement. With strong communication skills and an inclusive mindset, you foster trust and collaboration across diverse teams. If you’re ready to make an impact at the forefront of cybersecurity innovation, Synopsys is the place for you.

Design, deploy, and manage enterprise-grade security solutions including CASB, SSPM, WAF, firewalls, and email protection across global environments. Integrate and implement network security solutions, ensuring seamless operation and compliance with Zero Trust security principles. Enforce CMMC regulations, technical data controls, and export authorization rules, including U.S. person-only access restrictions for controlled systems and datasets. Conduct and support external audits, internal reviews, and compliance assessments related to CMMC and other regulatory frameworks. Research, evaluate, pilot, and implement new security solutions at a global enterprise scale, collaborating with vendors and stakeholders. Investigate security events and alerts from multiple log sources, performing end-to-end security investigations, and reporting actionable findings. Develop and manage the collection, reporting, and analysis of security events and metrics to drive continuous improvement. Participate in incident response processes and supporting light on-call pager duty rotations for critical issues.

Strengthen Synopsys’ global security posture by implementing advanced security controls and best practices. Ensure compliance with CMMC and other regulatory frameworks, enabling secure operations for critical projects. Protect sensitive data, intellectual property, and infrastructure against emerging cyber threats. Drive continuous improvement in security operations through data-driven analysis and proactive risk management. Enhance cross-functional collaboration between engineering, compliance, and executive teams to foster a culture of security awareness. Support innovation by enabling secure cloud implementations and supporting offensive security initiatives.

Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or related field required. 5+ years of hands-on experience with enterprise-grade security solutions (CASB, SSPM, WAF, firewalls, email security). 2+ years of experience installing, integrating, and deploying network security solutions. Solid understanding of Zero Trust security principles and architectures. Deep knowledge of CMMC regulations, technical data controls, and export authorization rules. Experience enforcing U.S. person-only access restrictions for controlled systems and datasets. Experience with external audits, internal reviews, and compliance assessments. Broad experience securing cloud implementations (AWS, GCP, Azure) and offensive security domains. Hands-on experience with Zscaler, Palo Alto Networks, ProofPoint, and other leading security platforms. Relevant certifications (CEH, CISSP, GIAC, OSCP, AWS Certified Advanced Networking, Security+) preferred. US citizenship or Green Card required.

XML job scraping automation by YubHub

We are looking for a cybersecurity expert to lead our efforts to prevent AI misuse in the cyber domain. As a Cyber Harms Technical Policy Manager, you will lead a team applying deep technical expertise to inform the design of safety systems that detect harmful cyber behaviours and prevent misuse by sophisticated threat actors.

In this role, you will:

• Lead and grow a team of technical specialists focused on cyber threat modelling and evaluation frameworks
• Design and oversee execution of capability evaluations ('evals') to assess the cyber-relevant capabilities of new models
• Create comprehensive cyber threat models, including attack vectors, exploit chains, precursor identification, and weaponization techniques
• Develop and iterate on usage policies that govern responsible use of our models for emerging capabilities and use cases related to cyber harms
• Serve as the primary domain expert on cyber harms, advising cross-functional teams on threat landscapes and mitigation strategies
• Collaborate closely with internal and external threat modelling experts to develop training data for safety systems, and with ML engineers to train these systems, optimising for both robustness against adversarial attacks and low false-positive rates for legitimate security researchers
• Analyse safety system performance in traffic, identifying gaps and proposing improvements
• Conduct regular reviews of existing policies and enforcement systems to identify and address gaps and ambiguities related to cybersecurity risks
• Develop rigorous stress-testing of safeguards against evolving cyber threats and product surfaces
• Partner with Research, Product, Policy, Security Team, and Frontier Red Team to ensure cybersecurity safety is embedded throughout the model development lifecycle
• Translate cybersecurity domain knowledge into actionable safety requirements and clearly articulated policies
• Contribute to external communications, including model cards, blog posts, and policy documents related to cybersecurity safety
• Monitor emerging technologies and threat landscapes for their potential to contribute to new risks and mitigation strategies, and strategically address these
• Mentor and develop team members, fostering a culture of technical excellence and responsible AI development

You may be a good fit if you have:

• An M.S. or PhD in Computer Science, Cybersecurity, or a related technical field, OR equivalent professional experience in offensive or defensive cybersecurity
• 5+ years of hands-on experience in cybersecurity, with deep expertise in areas such as vulnerability research, exploit development, network security, malware analysis, or penetration testing
• 2+ years of experience managing technical teams or leading complex technical projects with multiple stakeholders
• Experience in scientific computing and data analysis, with proficiency in programming (Python preferred)
• Deep expertise in modern cybersecurity, including both offensive techniques (vulnerability research, exploit development, penetration testing, malware analysis) and defensive measures (detection, monitoring, incident response)
• Demonstrated ability to create threat models and translate technical cyber risks into policy frameworks
• Familiarity with responsible disclosure practices, vulnerability coordination, and cybersecurity frameworks (e.g., MITRE ATT&CK, NIST Cybersecurity Framework, CWE/CVE systems)
• Strong analytical and writing skills, with the ability to navigate ambiguity and explain complex technical concepts to non-technical stakeholders
• Experience developing policies or guidelines at scale, balancing safety concerns with enabling legitimate use cases
• A passion for learning new skills and an ability to rapidly adapt to changing techniques and technologies
• Comfort working in a fast-paced environment where priorities may shift as AI capabilities evolve
• Track record of translating specialised technical knowledge into actionable safety policies or enforcement guidelines

Preferred Qualifications:

• Background in AI/ML systems, particularly experience with large language models
• Experience developing ML-based security systems or adversarial ML research
• Experience working with defence, intelligence, or security organisations (e.g., NSA, CISA, national labs, security contractors)
• Published security research, disclosed vulnerabilities, or participated in bug bounty programs
• Understanding of Trust & Safety operations and content moderation at scale
• Certifications such as OSCP, OSCE, GXPN, or equivalent demonstrating technical depth
• Understanding of dual-use security research concerns and ethical considerations in AI safety

XML job scraping automation by YubHub