Lead Engineer - Threat Detection & Response Platforms

Job Description

#LI-KO1

Are you passionate <script>alert(1)</script>about software craftsmanship and eager to help keep the LEGO Group secure?

We are looking for a Lead Engineer to drive the engineering direction of our Threat Detection & Response platforms.

This role sits at the intersection of platform engineering, security operations, and product development. You will lead a small team of engineers responsible for building and evolving platforms that power our detection and response capabilities and automation tooling.

You won’t be writing large application codebases. Instead, you will focus on architecture, automation, scalability, and engineering quality across systems that ingest, process, and act on security data at scale.

Core Responsibilities

You will:

• Own the technical direction of our detection & response platforms (SIEM, SOAR, ingestion)
• Lead a small team of engineers with a focus on engineering craftmanship and platform reliability
• Work closely with product management and SecOps collaborators to ensure we build useful, usable capabilities, not just tools.
• Drive automation of workflows and response processes.
• Continuously identify and lead initiatives to improve our platforms resilience.

Play your part in our team succeeding

The threat detection and response platforms team is responsible for the engineering and operation of the core platforms that enable our security operations and incident response capabilities. Working closely with analysts, responders and product management, the team builds and evolves the services, automations and integrations that helps detect threats, investigate incidents and respond effectively at scale.

As a lead engineer, you will play a key role in shaping the technical direction and engineering maturity of these platforms. The role supports the organisation by improving scalability, reliability and effectiveness of our detection and response capabilities while reducing friction and toil, through automation, observability and strong engineering practices.

We care about trust, empathy and long-term impact.

Do you have what it takes?

You will likely bring a mix of:

Strong platform and cloud engineering

• Experience with Azure (or other cloud platforms)
• Experience designing and operating distributed systems and data pipelines.
• Strong understanding of infrastructure-as-code
• Familiarity with event-driven architecture, APIs, and integrations

Architecture and systems thinking

• Experience designing scalable, resilient and observable systems
• Comfortable making architectural decisions in complex, loosely defined environments

Automation and engineering approach

• Experience with scripting and automation
• Passion for reducing manual work and improving system efficiency
• Interest in areas like: automated testing, detection engineering, workflow automation

Leadership and collaboration

• Experience leading engineers, formally or informally
• Strong stakeholder management
• Ability to work in a product-oriented setup, collaborating closely with product managers and end-users

Other nice to have experiences include:

• SIEM platforms such as Microsoft Sentinel
• EDR solutions like Microsoft Defender
• Automation and orchestration platforms like Torq
• Building or improving observability for platforms (metrics, logging, alerting, SLOs)
• Testing strategies for non-traditional codebases (e.g. pipelines, rules, configurations)

Applications are reviewed on an ongoing basis. However, please note we do amend or withdraw our jobs and reserve the right to do so at any time, including prior to any advertised closing date. So, if you're interested in this role we encourage you to apply as soon as possible.

What’s in it for you?

Here is what you can expect:

Family Care Leave - We offer enhanced paid leave options for those important times.

Insurances – All colleagues are covered by our life and disability insurance which provides protection and peace of mind.

Wellbeing - We want our people to feel well and thrive. We offer resources and benefits to nurture physical and mental wellbeing along with opportunities to build community and inspire creativity.

Colleague Discount – We know you'll love to build, so from day 1 you will qualify for our generous colleague discount.

Bonus - We do our best work to succeed together. When goals are reached and if eligible, you'll be rewarded through our bonus scheme.

Workplace - When you join the team you'll be assigned a primary workplace location i.e. one of our Offices, stores or factories. Our hybrid work policy means an average of 3 days per week in the office. The hiring team will discuss the policy and role eligibility with you during the recruitment process.

Children are our role models. Their curiosity, creativity and imagination inspire everything we do. We strive to create a diverse, dynamic and inclusive culture of play at the LEGO Group, where everyone feels safe, valued and they belong.

The LEGO Group is highly committed to equal employment opportunity and equal pay and seeks to encourage applicants from all backgrounds (eg. sex, gender identity or expression, race/ethnicity, national origin, sexual orientation, disability, age and religion) to apply for roles in our team.

The LEGO Group is fully committed to Children’s Rights and Child Wellbeing across the globe. Candidates offered positions with high engagement with children are required to take part in Child Safeguarding Background Screening, as a condition of the offer.

Thank you for sharing our global commitment to Children’s Rights.

Just imagine building your dream career.

Then make it real.

Join the LEGO® team today.