Senior Security Detection Engineer

What You Will Bring / Key Responsibilities

• Design, develop, andmaintaindetection rules, alerts, and analytics toidentifycybersecurity threats acrossendpoints, network, identity, cloud, and application platforms.

• Collaborate with threat intelligence, threat hunting, and security operations teams to understand emerging threats and translate TTPs into actionable detections.

• Continuouslymonitorthe threat landscape and proactively recommend improvements to detection coverage andmethodology.

• Validate, test, and tune detection content to reduce false positives and improve accuracy, performance, and signal-to-noise ratio.

• Partner with incident response teams toprovidedetection insights, improve alert fidelity, and support investigation workflows.

• Maintain and enhance the organization’s detection repository within SIEM and detection platforms, ensuring content stays current with evolving attack techniques.

• Develop and refine Data Loss Prevention (DLP) detection policies and monitoring use cases to protect sensitive data and support compliance requirements.

• Identifydetection gaps and raise risks, working with engineering and security stakeholders to prioritize remediation and improvements.

• Stay current on cybersecurity tools, frameworks, and adversary techniques to continuously evolve detection engineering practices.

• Contribute technical guidance and peer mentorship, helping upliftdetectionquality and engineering standards across the team.

Additional Job Description

More About This Role

This role is ideal for a hands-on detection engineer who enjoys building and tuning security analytics, collaborating across teams, and proactively improving security posture. You will have meaningful influence on detection coverage and technical direction without formal people management responsibilities.

Job-Specific Requirements

• Bachelor'sdegree incomputer science, Information Security, or a related field (or equivalent practical experience).

• At least 5 years of experience in cybersecurity with a strong focus on detection engineering, threat hunting, Security Operations Center operations, or incident response.

• Experience working with or alongside Red Team/Purple Team activities.

• Strong knowledge of Security Information Event Management platforms, log pipelines, anddetectionengineering workflows.

• Proficiencyin scripting or programming languages such as Python, PowerShell, or Bash.

• Familiarity with adversary tactics, techniques, and procedures (Tactics Techniques Procedures), MITRE ATT&CK, and detection engineering frameworks.

• Experience with cloud environments and cloud-nativeattack/detection strategies (e.g., AWS, Azure, GCP).

• Strong analytical and problem-solving skills with a creative approach to detection design.

• Excellent collaboration and communication skills with the ability to work cross-functionally with security and engineering teams.

• Relevant certifications (e.g., GCDA, GCFA,GCFR,GCIH,GREM, OSCP, CISSP) are a plus but notrequired.

• Experience with Version Control Systems (VCS) (GitHub)

• Experience working with SIGMA,YARA,anddetectionquery language structures.