Detection & Response Platform Lead, Operations Department
team.blue Belgium (Belgium)

Full-time

Job description

team.blue Belgium is the Belgian division of team.blue, operating Combell (#1 Belgian hoster), OpenMinds, and other brands. Headquartered in Ghent with strong focus on managed hosting, cloud and SaaS for European SMBs.

Technology · Multiple locations · Fully Remote

Detection & Response Platform Lead

team.blue is an ecosystem of 60+ successful brands working together across 22 European countries to provide its 3.5 million SMB customers with everything they need to succeed online by offering best-in-class expertise and services.

team.blue’s brands are a mix of traditional hosting businesses that offer services from domain names, email, shared hosting, e-commerce, and server hosting solutions and, as specialist SaaS providers, adjacent products such as compliance, marketing tools, and team collaboration products. This broad product offering makes it a one-stop partner for online businesses and entrepreneurs across Europe.

The role

We are looking for a Detection & Response Platform Lead to drive our endpoint security strategy and evolve our detection capabilities at scale. This is an opportunity to shape the future of team.blue's Security Operations.

You will own our detection and response platforms as the foundation, while building scalable detection solutions, automating workflows, and collaborating across DevOps, Operations, and SaaS portfolio companies to reduce threats upstream.

Your objectives are:

  1. Strategically manage our endpoint detection platforms – Own detection & response platform configurations, optimizations, and vendor relationships to maximize detection efficacy across team.blue infrastructure
  2. Engineer scalable detection solutions – Automate alert triage and enrichment, and continuously improve detection coverage
  3. Drive cross-functional influence – Partner with DevOps, vulnerability management, and SaaS companies to reduce alert volume by strengthening preventive controls and threat modeling upstream

The position can be based anywhere within the EU as fully remote or hybrid working from one of our many offices.

Your Responsibilities

Platform Ownership & Strategy

  • Own the strategic direction, configuration, and optimization of detection & response platforms across team.blue infrastructure
  • Maintain and continuously improve the services, reviewing incidents and collaborating with the vendor to enhance service quality
  • Monitor alert trends and tune detection policies to optimize true positive rates while reducing alert fatigue

Detection Engineering & Automation

  • Conduct threat hunting to identify gaps in detection coverage and validate detection efficacy
  • Build custom detection rules based on threat intelligence, hunting findings, and incident learnings

Cross-Functional Collaboration & Influence

  • Partner with Operations and Infrastructure teams to ensure consistent endpoint protection standards
  • Work with vulnerability management to prioritize patching based on active threats and detection findings
  • Provide threat context to upstream teams to improve preventive controls and reduce alert volume

Continuous Improvement & Knowledge Sharing

  • Implement blameless postmortems after incidents to drive continuous improvement
  • Share detection content and learnings within team.blue
  • Document detection logic, playbooks, runbooks, and configuration standards
  • Stay current on endpoint threat landscape, attack techniques, and detection methodologies

Your Skillset

Working Environment

You will join team.blue's Security Management team of 14 security professionals, reporting directly to the Group CISO. You will work closely with our Operations depar

Job requirements

  • 5+ years in technical security roles – security operations, detection engineering, incident response, or system administration with a security focus
  • Endpoint security expertise – Good understanding of operating systems such as Windows (Server), Linux, and macOS
  • Detection engineering capabilities – Experience developing detection rules, alerts, and response workflows
  • Hands-on EDR/XDR experience – Practical experience with EDR platforms (SentinelOne experience valued)
  • Threat analysis skills – Ability to analyze attack patterns, understand attacker TTPs, and translate them into detections
  • Collaborative approach – Experience working across organizational boundaries with IT, DevOps, and business teams
  • Good English – Both verbal and written communication skills
  • Automation mindset – Scripting skills (PowerShell, Python) and enthusiasm for automating repetitive tasks
  • Security certifications
  • SOC/MDR service experience – Working with external SOC or MDR providers
  • MITRE ATT&CK knowledge – Practical experience mapping detections to the MITRE ATT&CK framework
  • Cloud security knowledge – Understanding of cloud environments (Azure, AWS, GCP) and their security models
  • Multi-tenant experience – Working in SaaS or MSP environments supporting multiple organizations