Cyber Security Specialist

Threat Detection Engineer

Client of Brabers | Hybrid – Amsterdam / The Hague (3 days onsite from January 2026)

About the Role

Brabers is supporting a leading international organization in strengthening its cyber defence capabilities. As part of this effort, we are looking for an experienced Threat Detection Engineer to join the client’s Cyber Security division.

You will be part of the CISO organization within the client’s Information and Digital Technology function. The Threat Detection Engineering team plays a key role in enabling the Cyber Defence operation by designing, developing, and maintaining advanced cyber threat detection capabilities. These capabilities identify adversarial tactics, techniques, and procedures (TTPs), empowering rapid response to security incidents and potential breaches.

Key Responsibilities

As a Threat Detection Engineer, you will:

• Develop and maintain detection rules, correlation searches, and reporting capabilities that generate actionable alerts.
• Build and optimize detection logic in Splunk and Microsoft Sentinel, ensuring high accuracy and performance.
• Continuously refine detection mechanisms to keep pace with evolving threats.
• Manage and deliver the Threat Detection Use Case backlog, from concept through deployment.
• Utilize scripting and programming languages to test and validate use cases, integrating them into Git repositories and CI/CD pipelines.
• Translate Indicators of Compromise (IoCs) and behavioral analytics into robust, automated detection algorithms.
• Collaborate closely with various Cyber Defence teams (Threat Intelligence, Detection, Incident Response, Red Team) to align on priorities and detection requirements.
• Act as a quality gatekeeper for all new and existing use cases, focusing on minimizing false positives and operational rework.
• Contribute to a culture of continuous learning, sharing knowledge and best practices across the wider Cyber Defence organization.
• Support automation efforts for testing and validation of detection use cases.

What You Bring

• Strong background in IT security engineering with hands-on experience in threat detection and response.
• Deep understanding of secure-by-design solution principles.
• Proven experience with coding/scripting (e.g., Python, PowerShell, Bash).
• Advanced proficiency in Splunk SPL, with experience in Microsoft Sentinel KQL preferred.
• Relevant certifications such as SC-200 or Splunk Certified are advantageous.
• Experience developing IoCs and detection content in SIEM platforms.
• Practical knowledge of Git and CI/CD processes.
• Solid understanding of modern IT infrastructure including Azure, AWS, Linux/Unix, Windows, network devices, and firewalls.
• Up-to-date awareness of cyber security trends, threat landscapes, and defensive technologies.
• Excellent communication skills with the ability to provide clear and informed guidance to both technical and non-technical stakeholders.

Location & Working Model

This position is based in Amsterdam or The Hague, with an expectation to work onsite three days per week starting January 2026.