Detection Engineer

AIG
Reston, VA

About The Position

At AIG, we are reimagining the way we help customers to manage risk. Join us as a Detection Engineer to play your part in that transformation. It's an opportunity to grow your skills and experience as a valued member of the team. Make your mark in Information Technology. At AIG, technology is at the heart of everything we do, from underwriting risks to processing claims. The Information Technology (IT) team equips our colleagues with the latest tools to complete their work efficiently, with the highest standards of excellence. The team is responsible for shielding the company's systems from security risks, while designing technology strategies that enable AIG's businesses to achieve their goals. Innovation in IT drives innovation across the organization.

Requirements

  • 4+ years in Detection Engineering, Security Operations or Security Automation
  • Knowledge of SIEM, EDR, cloud and network-based detection techniques
  • Exposure to cloud-native logging and monitoring (CloudTrail, Azure, O365)
  • Experience with cloud-native security alerting (GuardDuty, Entra ID Identity Protection, Okta ThreatInsight)
  • Understanding of threat actor behaviors and MITRE ATT&CK and how TTPs manifest in collected telemetry
  • Proficiency in scripting and automation (Python preferred)
  • Experience with Git and CI/CD pipelines (GitHub Actions, Jenkins)
  • Familiarity with YAML/JSON-based rule definitions (e.g. Sigma)
  • Ability to simulate basic adversary behavior with automated frameworks (Atomic Red Team, MITRE Caldera)

Responsibilities

  • Develop, manage and version-control detection logic using Detection-as-Code principles (e.g. Git, CI/CD)
  • Implement CI pipelines that validate and deploy detection rules
  • Translate threat intelligence reports and attacker Tactics, Techniques and Procedures (TTPs) into detection rules
  • Analyze logs and security telemetry from various sources and tools (endpoint, network, cloud)
  • Continuously tune detection rules to maximize precision and efficacy
  • Troubleshoot and maintain detection rules not functioning as required
  • Build and maintain automation scripts in Python, Bash and PowerShell
  • Build and maintain detection and coverage metrics dashboards
  • Train and mentor Junior Detection Engineers
  • Liaise with other stakeholders and involved parties
  • Collaborate with IR teams as part of response and remediation efforts
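The responsibilities above (version-controlled Sigma-style rules, a CI gate that validates them, ATT&CK-mapped logic over cloud telemetry) are what a Detection-as-Code loop looks like in practice. The script below is an added illustration written for this page; it is not AIG's code and not part of the posting. It takes a Sigma-style rule in JSON form (Sigma's native form is YAML; JSON is used here so only the standard library is needed), evaluates a subset of Sigma semantics (named selections with `contains`/`startswith`/`endswith`/`re` modifiers, list values as OR, and a boolean `condition`; no `1 of`/`all of` or aggregations), and runs the checks a CI job would run before merge: required fields present, an ATT&CK technique tag set, the rule fires on constructed true-positive events and stays silent on constructed true-negative ones. The CloudTrail-shaped events, the `TerraformRole` automation exclusion and the ARNs are all constructed for the example; the ATT&CK mapping (T1562.008, disabling cloud logs) is real.

```python
"""Detection-as-Code CI gate: load a Sigma-style rule, evaluate it against
constructed CloudTrail-like events, and report anything that should block a merge.
Added example for this page; not AIG's tooling. Sigma semantics are a subset."""
import json
import re

# Constructed Sigma-style rule (JSON form). The TerraformRole exclusion is a
# hypothetical tuning filter; the ATT&CK tag is the real technique for this behaviour.
RULE_JSON = r'''
{
  "title": "CloudTrail logging stopped, trail deleted or trail modified",
  "status": "test",
  "logsource": {"product": "aws", "service": "cloudtrail"},
  "detection": {
    "selection": {
      "eventSource": "cloudtrail.amazonaws.com",
      "eventName": ["StopLogging", "DeleteTrail", "UpdateTrail"]
    },
    "filter_automation": {
      "userIdentity.arn|contains": "assumed-role/TerraformRole/"
    },
    "condition": "selection and not filter_automation"
  },
  "level": "high",
  "tags": ["attack.defense_evasion", "attack.t1562.008"]
}
'''

# Constructed CloudTrail-shaped events: [0] is the true positive, the rest are true negatives
# (automation exclusion, a read-only API call, and an unrelated service).
EVENTS = [
    {"eventSource": "cloudtrail.amazonaws.com", "eventName": "StopLogging",
     "userIdentity": {"arn": "arn:aws:sts::123456789012:assumed-role/AdminRole/alice"}},
    {"eventSource": "cloudtrail.amazonaws.com", "eventName": "UpdateTrail",
     "userIdentity": {"arn": "arn:aws:sts::123456789012:assumed-role/TerraformRole/ci"}},
    {"eventSource": "cloudtrail.amazonaws.com", "eventName": "DescribeTrails",
     "userIdentity": {"arn": "arn:aws:iam::123456789012:user/bob"}},
    {"eventSource": "s3.amazonaws.com", "eventName": "DeleteBucket",
     "userIdentity": {"arn": "arn:aws:iam::123456789012:user/bob"}},
]

REQUIRED_KEYS = ("title", "logsource", "detection", "level", "tags")


def load_rule(text=RULE_JSON):
    return json.loads(text)


def get_field(event, dotted):
    """Resolve a dotted path such as 'userIdentity.arn' in a nested event; None if absent."""
    cur = event
    for part in dotted.split("."):
        if not isinstance(cur, dict) or part not in cur:
            return None
        cur = cur[part]
    return cur


def value_matches(actual, expected, modifier):
    if actual is None:
        return False
    a, e = str(actual), str(expected)
    if modifier is None:
        return a == e
    if modifier == "contains":
        return e in a
    if modifier == "startswith":
        return a.startswith(e)
    if modifier == "endswith":
        return a.endswith(e)
    if modifier == "re":
        return re.search(e, a) is not None
    raise ValueError(f"unsupported modifier: {modifier}")


def selection_matches(event, selection):
    """All field clauses in a selection must hold (AND); a list of values is an OR."""
    for key, expected in selection.items():
        field, _, modifier = key.partition("|")
        values = expected if isinstance(expected, list) else [expected]
        if not any(value_matches(get_field(event, field), v, modifier or None) for v in values):
            return False
    return True


def eval_condition(condition, results):
    """Evaluate 'a and not (b or c)' style conditions over per-selection booleans."""
    tokens = re.findall(r"\(|\)|[A-Za-z0-9_]+", condition)
    pos = 0

    def peek():
        return tokens[pos] if pos < len(tokens) else None

    def take():
        nonlocal pos
        tok = tokens[pos]
        pos += 1
        return tok

    def parse_or():
        left = parse_and()
        while peek() == "or":
            take()
            right = parse_and()  # always consume the operand, even if left is already true
            left = left or right
        return left

    def parse_and():
        left = parse_not()
        while peek() == "and":
            take()
            right = parse_not()
            left = left and right
        return left

    def parse_not():
        if peek() == "not":
            take()
            return not parse_not()
        return parse_atom()

    def parse_atom():
        tok = take()
        if tok == "(":
            val = parse_or()
            if take() != ")":
                raise ValueError("unbalanced parentheses in condition")
            return val
        if tok not in results:
            raise ValueError(f"unknown selection in condition: {tok}")
        return results[tok]

    val = parse_or()
    if pos != len(tokens):
        raise ValueError("trailing tokens in condition")
    return val


def rule_matches(rule, event):
    detection = rule["detection"]
    results = {name: selection_matches(event, sel)
               for name, sel in detection.items() if name != "condition"}
    return eval_condition(detection["condition"], results)


def validate_rule(rule, true_positives, true_negatives):
    """Return a list of problems; an empty list means the rule passes the CI gate."""
    problems = [f"missing required key: {k}" for k in REQUIRED_KEYS if k not in rule]
    if problems:
        return problems
    if "condition" not in rule["detection"]:
        return ["detection has no condition"]
    if not any(t.startswith("attack.t") for t in rule["tags"]):
        problems.append("no ATT&CK technique tag")
    for i, ev in enumerate(true_positives):
        if not rule_matches(rule, ev):
            problems.append(f"true positive {i} did not fire")
    for i, ev in enumerate(true_negatives):
        if rule_matches(rule, ev):
            problems.append(f"true negative {i} fired (false positive)")
    return problems


def run_ci(rule_json=RULE_JSON):
    rule = load_rule(rule_json)
    return validate_rule(rule, true_positives=[EVENTS[0]], true_negatives=EVENTS[1:])


if __name__ == "__main__":
    problems = run_ci()
    print("PASS" if not problems else "FAIL: " + "; ".join(problems))
```

In a real pipeline the positive and negative events live next to the rule in the repository (so tuning a filter is a reviewed commit with evidence), and the same job would also run the Sigma toolchain's backend conversion for the target SIEM so that a rule that parses here but does not compile for production never ships.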

Benefits

  • Comprehensive benefits package focused on health, wellbeing and financial security
  • Professional development opportunities
  • Culture of inclusion and belonging
  • Employee Resource Groups (ERGs)