Security Detection Engineer
About The Position
Movable Ink scales content personalization for marketers through data-activated content generation and AI decisioning. The world’s most innovative brands rely on Movable Ink to maximize revenue, simplify workflow and boost marketing agility. Headquartered in New York City with close to 600 employees, Movable Ink serves its global client base with operations throughout North America, Central America, Europe, Australia, and Japan. Movable Ink is hiring a Security Detection Engineer to strengthen our security monitoring and detection capabilities. To succeed in this role, you'll combine deep technical curiosity with a methodical approach to threat detection, helping protect our platform and the hundreds of enterprise customers who depend on it. This is a hands-on opportunity to own and evolve our detection engineering practice, working closely with our Security Engineering team. You'll play a critical role in ensuring we can identify and respond to security threats quickly—whether they target our employees, infrastructure, or cloud environments.
Requirements
- 2+ years of experience in a security operations, detection engineering, or SIEM-focused role
- Hands-on experience writing and tuning SPL queries in Splunk
- Familiarity with common attack techniques and the MITRE ATT&CK framework
- Experience with cloud platforms (AWS or GCP) and understanding of cloud-specific threats
- Exposure to EDR platforms (CrowdStrike preferred) and CSPM tools
- Understanding of log sources such as Okta, Google Workspace, endpoint logs, and network traffic
- Strong analytical and troubleshooting skills with attention to detail
- Clear written and verbal communication skills; ability to document findings and escalate effectively
- Self-motivated and comfortable working autonomously with a distributed team
Responsibilities
- Build, tune, and maintain detection rules and alerts in Splunk to identify security threats, suspicious activity, and policy violations
- Reduce alert fatigue by continuously improving detection logic to minimize false positives while maintaining coverage
- Monitor and develop detections for cloud security events across AWS and GCP using our CSPM tooling (Prisma Cloud)
- Collaborate with the Security team to develop detection strategies based on threat intelligence and the MITRE ATT&CK framework
- Investigate alerts and escalate confirmed incidents according to our incident response procedures
- Set up and configure automation scripts and tooling for alert triage, ticket creation, and incident workflows
- Create dashboards and reports to provide visibility into security posture and detection effectiveness
- Document detection logic, runbooks, and response procedures
- Support EDR (CrowdStrike) monitoring and investigate endpoint-related alerts
- Identify opportunities to use Splunk for operational and product monitoring beyond pure security use cases
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
Number of Employees
501-1,000 employees
