Senior Engineer – Threat Detection Operations

Target
Brooklyn Park, NC
Hybrid

About The Position

The Cyber Fusion Center is the heart of Target’s security team and a place where innovation happens daily. We are looking for professional network engineers who will ensure Cybersecurity visibility requirements are being met through collaboration with Target’s broader Network Engineering organization. You will also be working closely with Cybersecurity stakeholders to develop and continually improve our visibility posture so network-based threats can be detected.

As a Senior Engineer – Threat Detection Operations, you will help advance Target’s ability to detect and respond to sophisticated threats through the development of scalable, high-quality detections. This role focuses on transforming threat intelligence, incident learnings, and hunting outcomes into durable, high-fidelity detections. You will leverage large-scale security telemetry, analytics platforms, and automation frameworks to engineer detection content and improve security monitoring effectiveness. Working closely with Cyber Threat Intelligence, Incident Response, and security platform teams, you will turn actionable threat intelligence into high-confidence security signals to enable efficient detection and response.

This role is ideal for someone who is highly technical, data-driven, and passionate about developing modern detection capabilities that keep pace with the evolving threat landscape.

Requirements

  • 4-year degree in cybersecurity, computer science, data science, or a related field, or equivalent practical experience.
  • 5+ years of experience in cybersecurity, including at least 3 years focused on developing detections informed by threat intelligence, adversary behaviors, and/or data science and machine learning techniques.
  • Experience developing, deploying, and tuning detections across a variety of platforms such as SIEM, EDR, cloud security, and security analytics platforms
  • Experience with cloud security monitoring across AWS, GCP, or Azure environments
  • Strong understanding of end-to-end detection engineering concepts resulting in durable, scalable detection content
  • Experience scripting with languages such as Python, PowerShell, or Bash to automate security workflows and improve detection operations
  • Strong understanding of adversary tactics, techniques, and procedures (TTPs) and frameworks such as MITRE ATT&CK and the Cyber Kill Chain
  • Strong analytical and problem-solving skills with the ability to evaluate security telemetry and identify detection opportunities
  • Strong communication and collaboration skills with the ability to work effectively across security and engineering teams

Nice To Haves

  • Experience with detection-as-code methodologies, CI/CD pipelines, and automated testing frameworks for security content
  • Experience applying statistical analysis, anomaly detection, machine learning, or behavioral analytics to improve detection capabilities
  • Experience with security data modeling, feature engineering, or graph-based threat detection techniques
  • Experience applying LLMs or AI-assisted workflows to detection development, alert triage, enrichment, or investigation use cases
  • Relevant certifications such as GCIA, GCIH, GCED, GMLE, GCFA, or similar cybersecurity certifications

Responsibilities

  • Design, develop, deploy, and maintain production-ready detections across a variety of security platforms, including SIEM, EDR, cloud, identity, and network security technologies
  • Translate threat intelligence, incident response findings, and threat hunting outcomes into scalable, actionable detection logic
  • Develop and tune behavioral, signature-based, and statistical/anomaly-driven detections to identify malicious or suspicious activity while minimizing false positives and toil
  • Collaborate with Cyber Threat Intelligence, Incident Response, Threat Hunting, and platform engineering teams to identify and resolve detection and visibility gaps
  • Validate detection coverage against adversary tactics, techniques, and procedures (TTPs) using frameworks such as MITRE ATT&CK
  • Measure and report on detection performance, including fidelity, coverage, and effectiveness
  • Contribute to the continuous improvement of detection engineering practices, standards, and methodologies

Benefits

  • Comprehensive health benefits and programs, which may include medical, vision, dental, life insurance
  • 401(k)
  • Employee discount
  • Short term disability
  • Long term disability
  • Paid sick leave
  • Paid national holidays
  • Paid vacation