Security Detection Engineer

Chennai, Tamil Nadu
Permanent
Full-time

15 days ago

WPP is the trusted growth partner for the world's leading brands.We unite cutting-edge media intelligence and data solutions, world-class creativity, next-generation production, transformative enterprise solutions and expert strategic counsel in a single company - powered by exceptional talent and our agentic marketing platform, WPP Open, to help our clients navigate change, capture opportunity and deliver transformational growth.We have been building the world's most valuable brands for 50 years and have global reach across 100+ markets, with deep local expertise.Our people are the key to our success. We're committed to fostering a culture of creativity, belonging and continuous learning, attracting and developing the brightest talent, and providing exciting career opportunities that help our people grow.For more information, visitWhy we're hiring:Detection Engineering is responsible for designing, developing, and maintaining high-fidelity detection logic across enterprise security platforms. This role focuses on proactive threat detection, automation-first practices, and continuous improvement of detection coverage and accuracy, supporting the WPP SOC transformation into an Autonomic Security Operations model.What you'll be doing:

Develop, test, and maintain detection rules and logic across SIEM, EDR, NDR, and cloud-native platforms.
Regularly review and enhance detection logic to improve accuracy, reduce noise, and align with evolving threats.
Work with wider WPP engineering teams to ensure high-quality, normalized telemetry for effective detection.
Automate detection rule deployment, QA, and version control using scripting and CI/CD pipelines.

Root Cause Analysis (RCA)

Conduct RCA on missed detections, delayed responses, and high-severity incidents.
Identify technical and process-level causes of detection failures or inefficiencies.
Drive corrective actions based on RCA outcomes (e.g., rule improvements, visibility gaps).
Continuous Security Improvement (CSI)
Maintain a CSI backlog (detection gaps, telemetry blind spots, false positives to reduce).
Analyze detection performance metrics to identify trends and opportunities for improvement.
Align detection priorities with business risk and the SOC transformation roadmap.
Cross-Team Collaboration
Collaborate with SOC, Incident Response, and Threat Hunting teams to operationalize detection improvements.
Work with Threat Intelligence teams to integrate emerging TTPs into detection logic.
Contribute to purple team exercises by validating detection logic against simulated attack paths.

Strategic Alignment to GCAT SOC10x

10X People: Continuous learning and knowledge sharing within the team.
10X Process: Embed agile workflows and automation-first principles.
10X Technology: Leverage AI/ML for detection tuning and anomaly detectio.
10X Visibility: Ensure comprehensive telemetry ingestion and observability.
10X Speed: Reduce detection-to-response cycle through orchestration and automation.

What you'll need:Technical Expertise

Strong knowledge of SIEM, SOAR, EDR, and cloud security platforms.
Proficiency in scripting and automation (Python, PowerShell).
Familiarity with detection-as-code principles and CI/CD pipelines.
Understanding of MITRE ATT&CK framework and threat-informed defense.

Collaboration & Communication

Ability to work closely with SOC analysts, threat hunters, and engineers.
Skilled in documenting detection logic and RCA outcomes.

Certifications (Preferred)

GIAC GCTI, GCFA, or equivalent advanced security certifications.

Key Attributes

Automation-first mindset with focus on scalability and resilience.
Strong analytical and problem-solving skills.
Excellent communication and teamwork capabilities.

Who you are:You're open: We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are open-minded: to new ideas, new partnerships, new ways of working.You're optimistic: We believe in the power of creativity, technology and talent to create brighter futures or our people, our clients and our communities. We approach all that we do with conviction: to try the new and to seek the unexpected.You're extraordinary: we are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we provide extraordinary every day.What we'll give you:Passionate, inspired people - We aim to create a culture in which people can do extraordinary work.Scale and opportunity - We offer the opportunity to create, influence and complete projects at a scale that is unparalleled in the industry.Challenging and stimulating work - Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge?We believe the best work happens when we're together, fostering creativity, collaboration, and connection. That's why we've adopted a hybrid approach, with teams in the office around four days a week. If you require accommodations or flexibility, please discuss this with the hiring team during the interview process.WPP is an equal opportunity employer and considers applicants for all positions without discrimination or regard to particular characteristics. We are committed to fostering a culture of respect in which everyone feels they belong and has the same opportunities to progress in their careers.Please read our Privacy Notice ( ) for more information on how we process the information you provide.Create a Job AlertInterested in building your career at WPP? Get future opportunities sent straight to your email. Create alert

WPP

Apply Now