<div class="content-intro"><p><strong>WPP is the trusted growth partner for the world’s leading brands. </strong></p>
<p><strong>We unite cutting-edge media intelligence and data solutions, world-class creativity, next-generation production, transformative enterprise solutions and expert strategic counsel in a single company – powered by exceptional talent and our agentic marketing platform, WPP Open, to help our clients navigate change, capture opportunity and deliver transformational growth. </strong><br><strong> </strong><br><strong>We have been building the world's most valuable brands for 50 years and have global reach across 100+ markets, with deep local expertise.</strong><br><strong> </strong><br><strong>Our people are the key to our success. We're committed to fostering a culture of creativity, belonging and continuous learning, attracting and developing the brightest talent, and providing exciting career opportunities that help our people grow. </strong><br><strong> </strong><br><strong>For more information, visit <a href="https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwpp.com%2F&data=05%7C02%7CErica.Durr%40wpp.com%7C9bf4566a65bc46a48ac008de749116ea%7C150b5e663d884dee83f6ed149b727a00%7C0%7C0%7C639076363668176216%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=Q9juosud56XGLThSFZ1NpPZd6FXpJPxV74OeRZWoh%2B4%3D&reserved=0" target="_blank">WPP.com.</a></strong><br><strong> </strong></p></div><p><span style="text-decoration: underline;"><strong>Why we're hiring:</strong></span></p>
<p>Detection Engineering is responsible for designing, developing, and maintaining high-fidelity detection logic across enterprise security platforms. This role focuses on proactive threat detection, automation-first practices, and continuous improvement of detection coverage and accuracy, supporting the WPP SOC transformation into an Autonomic Security Operations model.</p>
<p><span style="text-decoration: underline;"><strong>What you'll be doing:</strong></span></p>
<ul>
<li>Develop, test, and maintain detection rules and logic across SIEM, EDR, NDR, and cloud-native platforms.</li>
<li> Regularly review and enhance detection logic to improve accuracy, reduce noise, and align with evolving threats.</li>
<li>Work with wider WPP engineering teams to ensure high-quality, normalized telemetry for effective detection.</li>
<li>Automate detection rule deployment, QA, and version control using scripting and CI/CD pipelines.</li>
</ul>
<p><strong>Root Cause Analysis (RCA)</strong></p>
<ul>
<li>Conduct RCA on missed detections, delayed responses, and high-severity incidents.</li>
<li> Identify technical and process-level causes of detection failures or inefficiencies.</li>
<li>Drive corrective actions based on RCA outcomes (e.g., rule improvements, visibility gaps).</li>
<li>Continuous Security Improvement (CSI)</li>
<li>Maintain a CSI backlog (detection gaps, telemetry blind spots, false positives to reduce).</li>
<li> Analyze detection performance metrics to identify trends and opportunities for improvement.</li>
<li>Align detection priorities with business risk and the SOC transformation roadmap.</li>
<li>Cross-Team Collaboration</li>
<li>Collaborate with SOC, Incident Response, and Threat Hunting teams to operationalize detection improvements.</li>
<li> Work with Threat Intelligence teams to integrate emerging TTPs into detection logic.</li>
<li>Contribute to purple team exercises by validating detection logic against simulated attack paths.</li>
</ul>
<p><strong>Strategic Alignment to GCAT SOC10x</strong></p>
<ul>
<li>10X People: Continuous learning and knowledge sharing within the team.</li>
<li>10X Process: Embed agile workflows and automation-first principles.</li>
<li>10X Technology: Leverage AI/ML for detection tuning and anomaly detectio.</li>
<li>10X Visibility: Ensure comprehensive telemetry ingestion and observability.</li>
<li>10X Speed: Reduce detection-to-response cycle through orchestration and automation.</li>
</ul>
<p> </p>
<p><span style="text-decoration: underline;"><strong>What you'll need:</strong></span></p>
<p> </p>
<p><strong>Technical Expertise</strong></p>
<ul>
<li>Strong knowledge of SIEM, SOAR, EDR, and cloud security platforms.</li>
<li>Proficiency in scripting and automation (Python, PowerShell).</li>
<li>Familiarity with detection-as-code principles and CI/CD pipelines.</li>
<li>Understanding of MITRE ATT&CK framework and threat-informed defense.</li>
</ul>
<p><strong>Collaboration & Communication</strong></p>
<ul>
<li> Ability to work closely with SOC analysts, threat hunters, and engineers.</li>
<li>Skilled in documenting detection logic and RCA outcomes.</li>
</ul>
<p><strong>Certifications (Preferred)</strong></p>
<ul>
<li>GIAC GCTI, GCFA, or equivalent advanced security certifications.</li>
</ul>
<p><strong>Key Attributes</strong></p>
<ul>
<li>Automation-first mindset with focus on scalability and resilience.</li>
<li>Strong analytical and problem-solving skills.</li>
<li>Excellent communication and teamwork capabilities.</li>
</ul>
<p> </p>
<p><span style="text-decoration: underline;"><strong>Who you are:</strong></span></p>
<p><strong>You're open<em>:</em> </strong>We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are open-minded: to new ideas, new partnerships, new ways of working.</p>
<p><strong>You're optimistic<em>:</em></strong> <span id="628d56ad5d8a35dab853e65d9daa237c" class="editor-module-hl-green-solid">We believe</span> in the power of creativity, technology and talent to create brighter futures or our people, our clients and our communities. We approach all that we do with conviction: to try the new and to seek the unexpected.</p>
<p><strong>You're extraordinary:</strong> we are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we provide extraordinary every day.</p>
<p> </p>
<p><span style="text-decoration: underline;"><strong>What we'll give you:</strong></span></p>
<p><strong>Passionate, inspired people</strong> – We aim to create a culture in which people can do extraordinary work.</p>
<p><strong>Scale and opportunity</strong> – We offer the opportunity to create, influence and complete projects at a scale that is unparalleled in the industry.</p>
<p><strong>Challenging and stimulating work</strong> – Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge?</p>
<p><span style="color: rgb(236, 240, 241);"> </span></p><div class="content-conclusion"><p><strong>We believe the best work happens when we're together, fostering creativity, collaboration, and connection. That's why we’ve adopted a hybrid approach, with teams in the office around four days a week. If you require accommodations or flexibility, please discuss this with the hiring team during the interview process.</strong></p>
<p><strong>WPP is an equal opportunity employer and considers applicants for all positions without discrimination or regard to particular characteristics. We are committed to fostering a culture of respect in which everyone feels they belong and has the same opportunities to progress in their careers.</strong></p>
<h4><strong>Please read our Privacy Notice (<a href="https://www.wpp.com/en/careers/wpp-privacy-policy-for-recruitment">https://www.wpp.com/en/careers/wpp-privacy-policy-for-recruitment</a>) for more information on how we process the information you provide.</strong></h4></div>
