Cyber Security Detection Engineer

About the Team At Trendyol Tech, our mission is to create a positive impact in our ecosystem by enabling commerce through technology. We solve complex problems with data, creativity, and agility — always driven by real outcomes. With a culture built on learning, collaboration, and ownership, we grow together while building what’s next. About The Role As a Cyber Security Detection Engineer, you will be a cornerstone of our defensive security architecture. This role is designed for a technical expert who excels at building, optimizing, and automating threat detection capabilities within complex, high-scale environments. You will be responsible for ensuring that our security telemetry is not only comprehensive but also actionable and high-performing. Your primary focus will be the end-to-end lifecycle of security detection: from the engineering of SIEM infrastructure and log orchestration to the development of sophisticated detection logic and automated response playbooks (SOAR). Working at the intersection of Security Operations, Cloud Engineering, and Compliance, you will ensure our defense mechanisms are aligned with industry frameworks such as MITRE ATT&CK and rigorous global standards like ISO27001 and PCI-DSS. Responsibilities

Manage, maintain, and tune the SIEM infrastructure to ensure high-performance log ingestion, processing, and query speeds.

Lead the automation strategy by authoring comprehensive runbooks and developing custom scripts. 

Design, implement, and continuously fine-tune high-fidelity detection rules. 

Partner with stakeholders and cross-functional teams (Engineering, Product, SRE, IT, Legal) to adapt in a dynamic security landscape.

Evaluate and implement emerging security technologies and methodologies to continuously enhance our security posture and operational efficiency.

Ensure compliance with security standards and regulations (e.g ISO27001, PCIDSS) Support audits and security assessments by ensuring controls are properly implemented and evidenced.

Expected Qualifications

3+ years of experience in security.

Manage and optimize the performance of SIEM platform to ensure effective security monitoring, incident detection, and response.

Author comprehensive runbooks, write automation scripts, and build SOAR (Security Orchestration, Automation, and Response) capabilities to reduce manual intervention and improve response times.

Design, implement, and fine-tune advanced detection mechanisms to proactively identify potential security threats and vulnerabilities.

Utilize MITRE ATT&CK, Cyber Kill Chain, and other frameworks for threat modeling, detection strategy, and incident response.

Hands-on familiarity with cloud security, Kubernetes, and modern CI/CD environments.

Support ongoing security compliance, audit, and certification programs.

Experience with Unix/Linux environments.

Excellent analytical and problem-solving skills.

Strong written and verbal communication skills in English.

Certifications such as CISSP, GCIH, GCFA, CEH, or GCDA are preferred.