Cyber Engineer Honeypots and Deception £85k

New Yesterday

Cyber Security Engineer - Deception & Honeypot Specialist

Location: UK (fully remote - work from anywhere, including overseas)
Salary: Up to £85,000 + benefits

About the role

We're looking for a Cyber Security Engineer with deep expertise in deception technologies and honeypots to help us build and operate highly realistic, internet-facing security environments.
This is a hands-on engineering role focused on active defence , attacker engagement, and turning adversary behaviour into high-quality detection signals and threat intelligence. You'll work at scale, move quickly, and operate where real attackers live.

What you'll be doing

Design, deploy and run large-scale deception infrastructure , including high-interaction honeypots and decoy services exposed to the internet

Build believable emulations of real systems, applications and protocols that withstand fingerprinting and attacker scrutiny

Capture, enrich and analyse real attacker behaviour , from initial access through exploitation and post-exploitation

Continuously adapt deception techniques based on emerging vulnerabilities, exploitation trends and adversary tradecraft

Transform raw telemetry and logs into actionable security signals , detections and structured intelligence

Rapidly roll out new deception scenarios in response to active exploitation, N-day and zero-day events

Work closely with Detection Engineering and Threat Intelligence to productionise insights

Produce automated analysis and reporting on attacker activity, campaigns and techniques

Share findings across engineering, research, product and go-to-market teams

Contribute to original research, blogs or publications for the wider security community

Own the full deception lifecycle: build quality, deployment, data integrity and long-term signal value

What we're looking for

7+ years' experience in cyber security engineering , detection engineering, threat research, offensive security or similar hands-on roles

3+ years working with honeypots, deception platforms or large-scale internet telemetry

Strong understanding of modern attacker behaviour, including exploitation chains, tooling and post-exploitation workflows

Experience building or modifying network services, protocols or application stacks to mimic real production systems

Deep knowledge of Linux , networking and common internet protocols (HTTP/S, SSH, SMTP, FTP, databases, RPC, etc.)

Strong Python skills, including building services, emulators, instrumentation and automation

Experience deploying systems using cloud platforms, containers and infrastructure-as-code

Comfortable operating in noisy, adversarial environments where attackers actively adapt

Familiarity with log pipelines and analysis platforms such as ELK / OpenSearch

Background working in a startup or fast-moving B2B environment is a strong plus

Why join us?

Fully remote role with genuine work-from-anywhere flexibility

Work on real attacker activity, not synthetic lab data

High trust, low bureaucracy engineering culture

Opportunity to influence detection, research and product direction

Competitive salary up to £85k , plus healthcare, holidays and bonus scheme online in 2026

Apply now to take ownership of your next challenge and shape the future of offensive security. Email if you don't want to upload your CV to the job board.
Circle Recruitment is acting as an Employment Agency in relation to this vacancy. Earn yourself a referral bonus if you refer somebody else who fills the role! We also offer an iPad if you refer a new client to us and we recruit for them. Follow us on Facebook - Circle Recruitment , Twitter - @Circle_Rec and LinkedIn - Circle Recruitment.

TPBN1_UKTJ
Apply
Location:
Manchester
Salary:
£100,000
Job Type:
FullTime
Category:
Engineering

We found some similar jobs based on your search