Specialist, Cyber Detection Engineer

About The Position

Requirements

• 3+ years of experience in detection engineering, incident response, threat hunting, or security operations in large enterprise environments.
• Practical experience working with common Endpoint, Identity, Network, Cloud & SaaS technologies, and associated logging.
• Proven experience developing detection content across multiple telemetry sources.
• Strong proficiency with at least one major SIEM/XDR ecosystem and advanced query authoring (Splunk SPL, Microsoft KQL, SQL strongly preferred).
• Solid understanding of adversary tradecraft with practical experience applying MITRE ATT&CK to detection design, validation, and coverage assessment.
• Ability to reason about attacker behaviors, detection logic trade-offs, and operational impacts rather than relying solely on static indicators.
• Experience using common scripting languages (e.g. Python, PowerShell) and to solve problems, automation tasks and interact with REST/GraphQL APIs.
• Strong written and verbal skills, with the ability to communicate effectively with both technical and non-technical stakeholders.

Nice To Haves

• GIAC GDAT, GCDA, GCTD, GCTI, GMON, GCIH, GCFA, GCPY
• Splunk Power User
• Microsoft SC-200, AZ-500
• CompTIA Cybersecurity Analyst (CySA+)

Responsibilities

• Operationalize security alerting and develop new custom detection capabilities across endpoint, identity, network, cloud, and application domains.
• Author and maintain detections using SIEM/XDR platforms, ensuring performance, scalability, and precision.
• Transform threat intelligence, incident learnings, purple-team results, and hunt findings into new detection content, enhancements, or coverage improvements.
• Validate detections using realistic attack scenarios, emulation results, historical data, and safe adversary simulations.
• Identify telemetry gaps and log data quality issues that limit visibility or detection effectiveness, and work with platform and infrastructure teams to remediate.
• Rapidly develop temporary analytics or scoping queries to support Incident Response efforts during active investigations.
• Participate in continuous improvement initiatives, metrics and reporting, and lifecycle management processes.

Benefits

• Market competitive base salaries, with a yearly bonus potential at every level.
• Medical, dental, vision, life insurance, disability insurance, Paid Time Off (PTO), and leave of absences, such as parental and military leave.
• 401(k) plan with company match (up to 4%).
• Company-funded pension plan.
• Wellness Programs including up to $1,600 a year for reimbursement of items purchased to support personal wellbeing needs.
• Work/Life Resources to help support topics such as parenting, housing, senior care, finances, pets, legal matters, education, emotional and mental health, and career development.
• Education Benefit to help finance traditional college enrollment toward obtaining an approved degree and many accredited certificate programs.
• Employee Stock Purchase Plan: Shares can be purchased at 85% of the lower of two prices (Beginning or End of the purchase period), after one year of service.