MCPNew: now works with Claude & AI assistants
acemoneytransfer

acemoneytransfer

Website

Detection Engineering, Threat Intelligence & Threat Hunting Analyst

Company

acemoneytransfer

Role

Detection Engineering, Threat Intelligence & Threat Hunting Analyst

Location

ASC, Kharian

Job type

Full-time

Found on Mokaru

Yesterday

Share this job

Salary

Not disclosed by employer

Job description

About Us

ACE Money Transfer is a UK-based company headquartered in Manchester, United Kingdom. The company is an online remittance service provider for customers in the UK, Canada, Australia, and the European Union, including Switzerland. The company is the parent company of a group of companies with a diversified portfolio, including digital wallet services in the UK, as well as real estate, advertising businesses, and software solutions in Pakistan.

ROLE OVERVIEW

A junior-to-mid-level specialist role supporting ACE Money Transfer's security operations function across three areas: keeping the SIEM healthy and well-tuned, tracking threats relevant to ACE's environment, and proactively looking for signs of compromise that automated alerts may miss. The role is well-suited to someone with 1–2 years of SOC or security analyst experience who wants to grow beyond reactive alert triage into detection, intelligence, and hunting work.

KEY RESPONSIBILITIES

  • Monitor and fine-tune SIEM alerts, reduce noise, adjust thresholds, and flag rules that are generating too many false positives.
  • Write and update basic SIEM detection rules for common attack patterns, guided by MITRE ATT&CK and with support from the wider team.
  • Keep ACE's IOC list up to date by adding new malicious IPs, domains, and file hashes from threat feeds and ensuring they are blocked in SIEM and WAF.
  • Monitor threat intelligence sources (NCSC, CISA, vendor advisories) for CVEs or attack techniques relevant to ACE's tools, cloud platform, M365, EDR/XDR, SIEM, and MFA platform, and summarise findings for the team.
  • Run structured threat hunts using SIEM and EDR/XDR platforms to look for suspicious behaviour that alerts have not flagged, using playbooks and hypotheses provided or agreed with the manager.
  • Document hunt activity and detection changes clearly, including what was searched, what was found, and any rules created or updated as a result.
  • Support post-incident reviews by checking logs for signs of earlier attacker activity or missed indicators.
  • Assist the SOC team by sharing relevant threat updates and flagging anything unusual identified during intelligence or hunting activities.

REQUIRED SKILLS & EXPERIENCE

  • 1–2 years of experience in a SOC, security analyst, or IT security role.
  • Basic familiarity with SIEM or any SIEM platform, including understanding how alerts are generated and what log data looks like.
  • Awareness of the MITRE ATT&CK framework and common attack techniques.
  • Ability to read and interpret security logs across endpoint, cloud, or identity sources.
  • CompTIA Security+ or any equivalent certification.

DESIRABLE

  • Hands-on exposure to SIEM rule writing, Sigma rules, or query language queries.
  • Familiarity with threat intelligence feeds or platforms (even free ones such as threat intelligence platforms, threat intelligence feeds, or similar resources).
  • Basic Python or PowerShell scripting skills for simple automation tasks.
  • Interest or coursework in threat hunting, detection engineering, or cyber threat intelligence.

COMPETENCIES

  • Curious and self-motivated, with a genuine interest in understanding how attacks work, not just closing tickets.
  • Organised and detail-oriented, maintaining clear records of what was checked and what was found.
  • Good communicator, able to explain a threat or finding clearly in writing to colleagues who were not involved.
  • Collaborative and comfortable asking questions, sharing findings, and working as part of a small team.

REQUIRED SKILLS & EXPERIENCE

  • 1–2 years of experience in one or more of the following: detection engineering, threat intelligence, threat hunting, or senior SOC analyst roles.
  • Hands-on expertise with SIEM rule authoring, decoder development, SIEM query interface querying, and log source integration.
  • Proficiency in SIEM query languages, SIEM query language, or query language for hunt execution and detection development.
  • Strong working knowledge of MITRE ATT&CK and hands-on experience mapping TTPs to detection coverage and gap analysis.
  • Demonstrated experience producing structured threat intelligence outputs, including IOC feeds, TTP briefings, and advisory reports.
  • Familiarity with threat intelligence platforms, threat intelligence platforms, threat intelligence platforms, or equivalent solutions.
  • Understanding of endpoint, cloud, network, and identity telemetry and how adversaries move across these layers.
  • One or more certifications: CompTIA CySA+, Certified Threat Hunting Professional (THP), or equivalent.

DESIRABLE

  • Experience authoring Sigma rules and converting them to platform-specific detection formats.
  • Familiarity with EDR/XDR platform Live Discover for custom hunt queries and behavioural analysis.
  • Knowledge of dark web monitoring tooling and OSINT frameworks, OSINT platforms, OSINT tools, or equivalent solutions.
  • Scripting capability in Python, query language, or Bash for IOC ingestion automation, hunt query execution, or SIEM integration development.
  • Understanding of STIX/TAXII for structured threat intelligence sharing.
  • Experience in a regulated financial services environment (FCA, PCI DSS v4.0.1, DORA, UK-GDPR).
  • Familiarity with FS-ISAC feeds or equivalent financial sector threat intelligence communities.

ACE Money Transfer Profile: https://acemoneytransfer.com/company-profile

Resume ExampleCover Letter Example