Cyber Threat Detection Manager - #1800377

Job Description

Cyber Threat Detection Manager

About GKN Automotive

GKN Automotive is a world-leading global automotive technology company at the forefront of innovation. Its origins date back to 1759 and for the last 70 years it has been putting key technologies into series production.

We are the trusted partner for most of the world’s automotive companies, specialising in developing, building, and supplying market-leading drive systems and advanced ePowertrain technologies.

GKN Automotive is part of Dowlais Group plc, a specialist engineering group focused on the automotive sector.

What you’ll do:

The Cyber Threat Detection Manager plays a critical role in strengthening the organisation’s cyber defence capabilities. By combining threat intelligence with sophisticated detection engineering, this role proactively identifies, analyses, and responds to emerging threats. Through continuous monitoring, threat hunting, and the development of effective detection use cases, the Cyber Threat Detection Manager helps ensure that the organisation remains resilient against evolving cyber risks. This position is key to enabling a proactive, intelligence-driven security posture that protects the company’s assets, data, and reputation.

As this role operates within a dynamic Security Operations environment, there may be occasions where you will be required to provide surge capacity in response to emerging security incidents or newly identified vulnerabilities. This includes stepping in to support urgent investigations, remediation efforts, or other time-sensitive security activities that may arise to protect the business.

Key responsibilities include:

• Collect, analyse, and contextualise threat intelligence from internal and external sources.
• Collaborate with suppliers, intelligence vendors and communities to stay ahead of emerging threats and indicators of compromise (IOCs).
• Translate threat intelligence into actionable insights for detection and response.
• Develop hypotheses based on threat intelligence and test them using available telemetry.
• Design, implement, and lead detection rules and analytics in SIEM, EDR, and other security tooling.
• Develop and align logic based on MITRE ATT&CK and other frameworks.
• Collaborate with internal/external security teams to ensure detections are actionable and reduce false positives.
• Maintain a use case repository with lifecycle tracking (creation, testing, deployment, retirement).
• Produce regular reports on threat trends, detection coverage, and hunting outcomes.
• Develop dashboards and KPIs to measure detection effectiveness and threat landscape coverage.
• Present findings and recommendations to technical and non-technical collaborators.
• Know the latest threat actor tactics, techniques, and procedures (TTPs).
• Evaluate and recommend new tools, techniques, and technologies to improve detection capabilities.
  
  

What you’ll need:

• Demonstrable experience in information security, with a focus on security operations.
• Consistent track record in stakeholder and partner/vendor management and collaboration across various departments.
• Must have hands-on experience with technical tools commonly used in Security Operations, including but not limited to SIEM platforms (e.g., Microsoft Sentinel), Endpoint Detection and Response (EDR) solutions, Threat Intelligence platforms (e.g., KELA), and Vulnerability Management tools (e.g., Qualys).
• Good understanding of relevant threat actors and relevant frameworks
• Proven background in creating hunting hypotheses and executing.
• Ability to scope, build and refine detection in common security tooling (EDR/SIEM), and manipulate logs from systems, endpoints and cloud.
• Proficient in at least one scripting language.
• Proficient in KQL (Kusto Query Language).
  
  

Why you’ll love working here:

• Market-leading company with lots of potential
• Opportunity to take part in brand-new company projects
• Attractive salary and benefits at a stable and financially healthy company
• An organisation where you can commit to the long-term
• Working in the OneIT team with colleagues around the globe
  
  

How to apply:

Please follow the link on our careers page and submit your resume in English because we are an international environment, and English is our business language.

If you need any adjustments made to support your application, for example, if you require information in different formats, or if you have any accessibility issues, then we have a process in place to support you – please feel free to get in touch with us at [email protected] (mailto:[email protected])

Deadline:

The closing date will be July 25th

GKN Automotive is the market leader in conventional, all-wheel and electrified drive systems and solutions. With a comprehensive global footprint, we design, develop, manufacture and integrate an extensive range of driveline technologies for over 90% of the world’s car manufacturers.

As a global engineering company, innovation is what differentiates us from our competitors and is central to our success. A balance of cultures, ethnicities and genders help bring new ideas and creativity to GKN Automotive. We need people of different backgrounds, with different skills and perspectives to spark originality, imagination and creativeness in our teams around the world.

GKN Automotive is an equal opportunity employer. We treat all our employees and applicants fairly and are committed to ensuring that there is no discrimination or harassment against any employee or qualified applicant on the grounds of age, race, creed, colour, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, or veteran status or any other characteristic protected by law. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process. Please contact us to request any such accommodation.