Information Security Engineer – Cyber Threat Detection & Response
Join to apply for the Information Security Engineer – Cyber Threat Detection & Response role at Ryanair - Europe's Favourite Airline
Ryanair Labs are currently recruiting for a Information Security Engineer – Cyber Threat Detection & Response to join Europe’s Largest Airline Group! This is a very exciting time to join Ryanair as we look to expand our operation to 800 aircraft and 300 million guests within the next 10 years. Ryanair Labs is the technology brand of Ryanair. Labs is a state‑of‑the‑art digital & IT innovation hub creating Europe’s Leading Travel Experience for our customers.
The Role
We are seeking an experienced Senior Threat Detection & Response Engineer to join our cybersecurity team supporting a fast‑paced, cost‑sensitive airline environment. The ideal candidate has a strong technical background in detection engineering, incident response, and computer forensics. You will be responsible for developing actionable detections, responding to security incidents, and producing insightful KPI reports to support decision‑making and regulatory compliance.
Key Responsibilities
Develop and tune threat detection rules across SIEM, EDR, and cloud environments.
Lead containment, eradication, and recovery efforts for cyber incidents.
Create and maintain dashboards to track KPIs such as MTTD, MTTR, detection coverage, and investigation volume.
Perform threat hunting based on current threat intelligence and adversary TTPs.
Automate alert enrichment, triage, and response workflows using SOAR or scripting (Python/PowerShell).
Collaborate with IT, cloud, and compliance teams to enhance detection quality and response readiness.
Contribute to documentation, playbooks, and continuous process improvement.
Requirements
6+ years in SOC, IR, or threat detection roles
Hands‑on experience with SIEM (e.g., Microsoft Sentinel, Splunk), EDR (e.g., Defender, CrowdStrike)
Experience with Azure/AWS cloud security logs and detection use cases
Practical knowledge of MITRE ATT&CK
Ability to produce meaningful metrics and dashboards (e.g., Sentinel Workbooks, Power BI, Kibana)
Strong scripting skills (Python, PowerShell)
Clear communication skills across technical and non‑technical stakeholders
Nice to Have
Experience in aviation, logistics, or other regulated sectors
Familiarity with SOAR platforms
Certifications such as GCIA, GCIH, OSCP, or cloud security (AZ-500, AWS Security Specialty)
Understanding of NIS2 or EASA cybersecurity guidance
Benefits
Competitive salary
Discounted and unlimited travel to over 250 destinations
Defined Contribution Pension Scheme – Matched up to 5% or €5,000
Death in Service Benefit – Up to 2 times of annual basic salary
20 Days Annual Leave – Increasing to 22 days after 12 months and 25 days after 3 years of continuous service.
Option for up to 5 additional unpaid leave days per year
Cycle 2 Work Scheme
Unrivalled career progression
Competencies
Cloud
Coding / Programming
Cyber Security Awareness
Communication
Seniority level
Mid‑Senior level
Employment type
Full‑time
Job function
Information Technology
Industries
Airlines and Aviation
Location: Dublin, County Dublin, Ireland
#J-18808-Ljbffr