Lead Threat Detection & Response Engineer

About Tide

At Tide, we are building a finance & admin platform designed to save small businesses time and money. We provide our members with business accounts and related banking services, but also a comprehensive set of connected administrative solutions from invoicing to accounting. 

Launched in 2017, Tide is now the leading business financial platform in the UK with 575,000 SME members (10% market share) and more than 250,000 SMEs in India. Headquartered in London, Tide has over 1,800 Tideans across the UK, Bulgaria, India, Serbia, Romania, Ukraine and Germany. 

Tide is rapidly growing, expanding into new markets and always looking for passionate and driven people. Join us in our mission to empower small businesses and help them save time and money.   

About the role

The Tide Security Engineering team is made up of three core areas: Product Security, Threat Detection & Response, and Identity.

Product Security consists of application and cloud security experts. Their mission is to protect the products we build, covering everything from secure design reviews to threat modelling and penetration testing, ensuring security is embedded from the ground up.

Threat Detection & Response (this role!) focuses on protecting the company by building a robust detection and automation platform. We’re proactive in our defence, constantly hacking ourselves to improve our security posture and staying ahead of emerging threats. Our goal is to make Tide resilient against the ever-evolving threat landscape.

Identity is responsible for managing Tide's staff identity platform, ensuring that access to systems and infrastructure is secure, seamless, and aligned with modern security practices. The team uses strategies like zero trust, multi-factor authentication, and granular role-based access controls to safeguard our internal operations.

While each area has its own focus, collaboration is key - it's why we share the same Slack channel and hold our standups together as one cohesive team, ensuring alignment and seamless communication across all security functions.

As a Lead Threat Detection Engineer, you’ll be:

• Defining and implementing a strategic vision for threat detection, driving the overall direction and priorities for a team of highly talented engineers
• Hands-on with the SIEM; from creating log parsers for in-house web apps to visualising data Looker dashboards
• Creating security automations and playbooks to automate mundane tasks; from data enrichment to automatically removing phishing emails from employee mailboxes. We want you to run with the “anything is possible” mantra
• Continuously hunting for sophisticated threats across our infrastructure, leveraging threat intelligence and innovative detection techniques to stay ahead of attackers. You'll monitor and respond to threats across AWS, GCP, internal applications, and employee endpoints (Windows, macOS).
• Working with teams across the business to help create business specific detections
• Responsible for ensuring good quality detections which align with our Definition of Done guidelines.
• Identifying opportunities to build or enhance internal tools that streamline threat detection processes, improve data visibility, and increase response efficiency.
• Leading complex incident investigations, coordinating efforts across the security, IT, and engineering teams to ensure rapid and effective containment, remediation, and recovery.

What makes you a great fit:

• Strong knowledge with one of the following: Splunk, Chronicle, Panther.
• Strong understanding of modern attack and defence techniques which apply to Cloud (AWS, GCP), SaaS (such as Google Workspace and Okta) and desktop (Windows and macOS) environments.
• Passion for passing on knowledge to fellow colleagues.
• Hands-on attitude and the ability to drive solutions to completion.
• Strong experience in security automation, from writing scripts to creating end-to-end automated workflows. Familiarity with SOAR platforms and automating threat detection and response tasks.
• Excellent spoken and written communication skills.
• Experience with writing automation and scripts; bonus points if you have a repository to show-case your work.

What you’ll get in return:

• Flexible working options
• Share options 
• Group Life Insurance 
• Vitality Health Insurance, with a proactive focus on mental and physical wellbeing
• 25 days holiday with the ability to buy extra days
• 3 days for L&D or volunteering time off per year
• We invest in your development with a £1,000 professional L&D budget per year
• Access to ‘salary sacrifice’ benefits such as Cycle to Work scheme and pension contribution
• Spacious brand-new office near Old Street with an all-day snacks bar
• Enhanced family-friendly leave
• Sabbatical leave 

Tidean Ways of Working

At Tide, we champion a flexible workplace model that supports both in-person and remote work to cater to the specific needs of our different teams. 

While remote work is supported, we believe in the power of face-to-face interactions to foster team spirit and collaboration. Our offices are designed as hubs for innovation and team-building, where we encourage regular in-person gatherings to foster a strong sense of community. 

Tide is a place for everyone

At Tide, we believe that we can only succeed if we let our differences enrich our culture. Our Tideans come from a variety of backgrounds and experience levels. We consider everyone irrespective of their ethnicity, religion, sexual orientation, gender identity, family or parental status, national origin, veteran, neurodiversity or differently-abled status. We celebrate diversity in our workforce as a cornerstone of our success. Our commitment to a broad spectrum of ideas and backgrounds is what enables us to build products that resonate with our members’ diverse needs and lives. 

We are One Team and foster a transparent and inclusive environment, where everyone’s voice is heard.

#LI-EP #LI-Remote #LI-Hybrid