Subscribe to the latest remote jobs:

Security Engineer - Detection Engineering and Threat Modeling

šŸ‡µšŸ‡± Poland

Python

Docker

AWS

Azure

Finance

Design

Cybersecurity

Recruitment

Devops

SQL

Security Engineer

Security Engineer - Detection Engineering and Threat Modeling

from šŸ‡µšŸ‡± Poland

Location:

Krakow, Lesser Poland, Poland

Job ID:

R0135385

Date Posted:

2026-07-07

Company Name:

HITACHI ENERGY SERVICES SP. Z O.O.

Profession (Job Category):

IT, Telecom & Internet

Job Schedule:Ā 

Full time

Remote:

No

Job Description:

The Opportunity

Join Hitachi Energy as a Security Engineer specializing in Threat Modeling and Detection Engineering, and play a critical role in strengthening our cybersecurity operations. In this position, you will help design and enhance detection capabilities, onboard and secure new data sources, and drive automation that improves the effectiveness and efficiency of the Security Operations Center (SOC). Working at the intersection of threat detection, systems engineering, and cybersecurity, you will contribute to protecting critical infrastructure and enabling a proactive, intelligence-driven approach to cyber defense.

How You Will Make an Impact

  • Design, develop, and tune detection rules within the SIEM to improve threat visibility and reduce false positives

  • Onboard new log sources by building ingestion pipelines, normalizing data, and ensuring high-quality integration into the SIEM

  • Perform threat modeling of systems and log sources to identify detection requirements and security gaps

  • Build and maintain automation solutions that improve SOC workflows, reporting, and operational efficiency

  • Collaborate with cybersecurity and engineering teams to continuously enhance detection coverage against evolving threats

  • Apply threat intelligence and frameworks such as MITRE ATT&CK to strengthen monitoring and response capabilities

  • Contribute to detection-as-code practices and CI/CD-driven security operations processes

  • Support continuous improvement of security monitoring, alert quality, and overall cyber defense effectiveness

Your Background

  • 2–3 years of experience in detection engineering, security operations, or related cybersecurity engineering roles

  • Experience writing and tuning SIEM detection rules and developing actionable detection content

  • Knowledge in Python, KQL, SQL, or similar technologies used for security monitoring and automation

  • Understanding of log sources across endpoint, identity, network, cloud, and infrastructure environments

  • Experience with Microsoft Sentinel, Defender Suite, Azure, AWS, Docker, Linux, or similar security technologies is an advantage

  • Familiarity with threat modeling, MITRE ATT&CK, log ingestion pipelines, and security automation practices

NOTE: this is maternity coverage - 12 months contract

More about us

At Hitachi Energy, we recognize that our people are at the heart of our success. We are committed to providing a supportive and inclusive workplace, competitive rewards, and opportunities for professional and personal growth. Our benefits package is designed to help employees thrive both at work and in their personal lives.

Our benefits offering for this role generally includes:

  • Private medical care and life insurance​
  • Access to fitness and wellness programs​
  • Access to benefits platform with discounts and perks​
  • Employee Capital Plans (PPK)​
  • Equipment for working from home or allowances for setting up a workplace at home​
  • Spectacles and contact lenses allowance​
  • Company events and team‑building activities​
  • Psychological support program​
  • Free parking available

Add if applicable: additional benefits may apply depending on the role, grade, and business requirements.

You will receive more specific information during the recruitment process.

Accessibility and reasonable accommodation

Qualified individuals with a disability may request a reasonable accommodation if you are unable or limited in your ability to use or access the Hitachi Energy career site as a result of your disability. You may request reasonable accommodations by completing ageneral inquiry form on our website. Please include your contact information and specific details about your required accommodation to support you during the job application process.


This is solely for job seekers with disabilities requiring accessibility assistance or an accommodation in the job application process. Messages left for other purposes will not receive a response.


Use of Al and automated tools in recruitment

As part of our recruitment process, Hitachi Energy uses digital and automated tools, including Al-supported solutions, to assist with activities such as application screening, job matching, and interview scheduling. These tools are designed to support our recruiters and do not replace human decision-making. Candidate data is processed in accordance with applicable data protection and employment laws as well asHitachi's Global Data Privacy Notice.

Background Screening and Security Checks

As part of the hiring process, Hitachi Energy conducts pre-employment background checks that may include verification of employment history, education, criminal records, and other relevant information, in accordance with applicable laws.

For certain roles—particularly those involving access to sensitive information, financial responsibilities, client data, regulated environments, or security-sensitive functions—additional or more comprehensive background or security screenings may be required. These may include, but are not limited to, enhanced criminal history checks, credit history reviews (where legally permissible), sanctions screening, or other due diligence measures aligned with the responsibilities of the position.

The scope and depth of any background or security review will be determined based on the nature of the role and business necessity, and will always be conducted in compliance with applicable federal, state, and local laws. Candidates will be notified and, where required, asked to provide consent prior to the initiation of any such checks.

by @maxrusakovic