Sr Assoc, Cyber Sec ThreatMgmt - Detection Engineer

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
• 2+ years of experience in cybersecurity, preferably in detection engineering, threat hunting, or incident response
• Proficiency in writing and tuning detection logic in SIEM platforms (e.g., Splunk, Sentinel, Elastic).
• Strong understanding of cybersecurity principles, including SIEM, IDS/IPS, and endpoint detection and response (EDR) solutions.
• Experience with coding/scripting languages such as Python, PowerShell, or Bash.
• Familiarity with CI/CD pipelines, code repositories (e.g., Git), and Infrastructure-as-Code tools (e.g., Terraform, Ansible).
• Excellent problem-solving skills and attention to detail.
• Strong communication and documentation abilities.
• Applicants must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future.
• Northern Trust will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa)

Nice To Haves

• Experience in a cloud environment (e.g., AWS, Azure, GCP).
• Knowledge of malware analysis, reverse engineering, and digital forensics.
• Experience with performing insider threat analysis and detections
• Knowledge of security orchestration and automation platforms
• Relevant certifications such as GCDA, GCFA, or equivalent.

Responsibilities

• Build, refine, and manage detection content to identify and mitigate potential threats.
• Develop a Detection-as-Code standard using code repositories and CI/CD pipelines to streamline content deployment via Infrastructure-as-Code methodologies.
• Work closely with various teams in Security Operations to anticipate and detect potential threats before they fully materialize.
• Participate in continuous improvement initiatives to enhance detection capabilities and efficiency.
• Develop and maintain documentation for detection logic, use cases, and response playbooks.
• Maintain up-to-date knowledge of the latest cybersecurity threats, tools, and best practices.
• Contribute to automation of detection and response processes using SOAR platforms.

Benefits

• retirement benefits (401k and pension)
• health and welfare benefits (medical, dental, vision, spending accounts and disability)
• paid time off
• parental and caregiver leave
• life & accident insurance
• other voluntary and well-being benefits
• discretionary bonus program that may include an equity component