Security Detection Engineering Lead
WPP
Job Description
WPP is the trusted growth partner for the world’s leading brands.
We unite cutting-edge media intelligence and data solutions, world-class creativity, next-generation production, transformative enterprise solutions and expert strategic counsel in a single company – powered by exceptional talent and our agentic marketing platform, WPP Open, to help our clients navigate change, capture opportunity and deliver transformational growth.
We have been building the world's most valuable brands for 50 years and have global reach across 100+ markets, with deep local expertise.
Our people are the key to our success. We're committed to fostering a culture of creativity, belonging and continuous learning, attracting and developing the brightest talent, and providing exciting career opportunities that help our people grow.
For more information, visit WPP.com.
Why we're hiring:
The Detection Engineering Lead is responsible for managing and mentoring detection engineers, driving the development and optimization of detection logic, and ensuring alignment with SOC transformation goals. This role combines technical depth with leadership, focusing on automation-first practices and continuous improvement of detection coverage and fidelity.
What you'll be doing:
Detection Engineering Leadership
- Lead and mentor detection engineers, fostering innovation and continuous learning.
- Oversee design, development, and deployment of detection logic across SIEM, EDR, NDR, and cloud-native platforms.
- Implement detection-as-code lifecycle (CI/CD pipelines, version control, automated QA).
- Maintain detection performance dashboards and KPIs (true/false positive rates, missed detections, alert-to-response time).
Cross-Team Collaboration
- Work closely with Threat Intelligence, Incident Response, and Threat Hunting teams to operationalize detection improvements.
- Translate post-incident findings into detection enhancements and automation opportunities.
- Support purple team exercises to validate detection logic against adversary TTPs.
Continuous Security Improvement (CSI)
- Maintain a backlog of detection gaps, telemetry blind spots, and false positives for remediation.
- Drive initiatives to improve detection coverage and efficiency using automation and analytics.
- Align detection priorities with business risk and SOC transformation roadmap.
Strategic Alignment to GCAT SOC10x
- 10X People: Build team capability through training and knowledge sharing.
- 10X Process: Embed agile workflows and automation-first principles.
- 10X Technology: Leverage AI/ML for detection tuning and anomaly detection.
- 10X Visibility: Ensure comprehensive telemetry ingestion and observability.
- 10X Speed: Reduce detection-to-response cycle through orchestration and automation.
What you'll need:
Technical Expertise
- Strong knowledge of SIEM, SOAR, EDR, and cloud security platforms.
- Proficiency in scripting and automation (Python, PowerShell).
- Experience w