
Detection Engineering & Response Lead
NebiusAbout Nebius:
Nebius is leading a new era in cloud infrastructure for the global AI economy. We are building a full-stack AI cloud platform that supports developers and enterprises from data and model training through to production deployment, without the cost and complexity of building large in-house AI/ML infrastructure.
Built by engineers, for engineers. From large-scale GPU orchestration to inference optimization, we own the hard problems across compute, storage, networking and applied AI.
Listed on Nasdaq (NBIS) and headquartered in Amsterdam, we have a global footprint with R&D hubs across Europe, the UK, North America and Israel. Our team of 1,500+ includes hundreds of engineers with deep expertise across hardware, software and AI R&D.
The Role
We're hiring a Detection Engineering & Response Lead to build and run our D&R capability from the ground up. You'll own the detection engineering, threat intelligence, and incident response functions across Nebius Cloud - and lead a small, growing team of analysts and engineers.
This is a lead engineering role responsible for detection development, handling the most complex security incidents, forensics, and shaping the D&R strategy.
What you’ll do
-
Lead detection development: achieve full MITRE coverage, maintain low false-positive and false-negative rates. Work closely with alerts consumers (20+ teams) to keep noise low and signal high, ensuring they can act quickly without missing genuine threats.
-
Architect and operate detection coverage across our cloud and bare-metal environments
-
Build and extend our internal D&R tools and pipelines - onboard new logs, build and automate response runbooks.
-
Integrate threat intelligence into detection logic and IR playbooks, tracking adversary TTPs relevant to Cloud infrastructure
-
Lead incident response end-to-end: scoping, containment, root cause analysis, post-incident reviews and controlling critical action items are closed to prevent future possible incidents.
-
Partner with Compliance and Engineering teams to detect real threats while meeting the needs of both engineers and regulators.
-
Define and report on D&R metrics: MTTD, MTTR, detection coverage, false positive rates, etc.
-
Build and maintain Security Incident Response program: people, processes, tools.
-
Build tools, runbooks, and on-call processes that scale as the company grows.
What we look for
-
6+ years in security operations, detection engineering, or incident response — with at least 1–2 years leading or mentoring a team.
-
Deep hands-on experience with cloud-native environments (Kubernetes, Linux workloads, container-based inf
Opens the company's application page
Listed via
Jobicy
jobicy.com
Similar roles
Design & Tech
Related reads from TCHNX

The Quiet Revolution in Local-First Software
As major platforms face outages and data breaches, a new generation of developers is building applications that prioritise local data storage and peer-to-peer sync, challenging the cloud-first orthodoxy that's dominated tech for two decades.

The Quiet Revolution in Edge AI: Why Your Next Computer Might Not Need the Cloud
As neural processing units become standard in consumer devices, we're witnessing a fundamental shift in how AI applications work. Local processing is no longer a fallback; it's becoming the preferred architecture.

The Rise of AI-Assisted Code Generation 2: Are Developers Becoming Prompt Engineers?
As AI coding assistants reshape software development, the industry grapples with a fundamental question: is writing code giving way to writing prompts? We examine how London's tech scene is adapting to this seismic shift.

