THREAT DETECTION ENGINEER

About The Position

Requirements

• Bachelor’s Degree and 7+ years of enterprise cybersecurity experience
• Strong hands-on expertise in: Microsoft 365 security stack Microsoft Sentinel SIEM CrowdStrike Falcon Zscaler (ZIA/ZPA)
• Solid understanding of enterprise networking topology and cloud networking concepts
• Experience working with MSSPs, SOCs, and incident response retainers
• Threat hunting and detection engineering experience
• Broad, practical knowledge across all major cybersecurity domains
• Proven experience in incident response and security investigations
• Exceptional written and verbal communication skills
• Outstanding customer service mindset, with the ability to engage professionally under pressure
• CISSP (preferred) or actively studying for CISSP
• Microsoft Security certifications, a plus
• CCSP, Azure Security Engineer, GIAC, or equivalent, a plus

Nice To Haves

• Automation or scripting skills (KQL, PowerShell, Python)
• Experience operating in high-growth, high-expectation enterprise environments

Responsibilities

• Design, implement, and continuously improve security controls across cloud and SaaS environments.
• Act as a senior technical escalation point for security incidents, investigations, and complex security issues.
• Partner with SOC and incident response providers to ensure effective detection, response, and remediation.
• Lead root-cause analysis and drive continuous improvement following security events.
• Deliver security solutions with a customer-first mindset, ensuring stakeholders feel supported, informed, and confident.
• Architect, deploy, and operate security solutions across the Microsoft 365 ecosystem, including: Entra ID (Azure AD), Conditional Access, Identity Protection Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365
• Build, tune, and optimize Microsoft Sentinel SIEM, including: Data connectors and ingestion Analytics rules, KQL queries, workbooks, and automation Threat hunting and detection engineering
• Administer and optimize CrowdStrike Falcon for endpoint protection, EDR, and threat hunting.
• Implement and manage Zscaler (ZIA/ZPA) to support Zero Trust access and secure connectivity.
• Demonstrate a strong understanding of enterprise networking concepts and topology, including: Cloud networking Secure access architectures Traffic inspection and segmentation
• Ensure security best practices are embedded across all cloud and SaaS platforms.
• Apply and enforce security best practices across all cybersecurity domains, including: Identity & Access Management Cloud & SaaS Security Endpoint Security Network Security Data Protection Security Monitoring & Incident Response Vulnerability & Risk Management
• Support audits, risk assessments, and compliance initiatives.
• Contribute to security policies, standards, procedures, and technical documentation.
• Communicate security risks, incidents, and recommendations clearly, professionally, and confidently to technical and non-technical stakeholders.
• Deliver exceptional customer service to internal teams, leadership, and partners.
• Build trusted relationships across IT, cloud, and business teams.
• Mentor junior team members and raise the overall security maturity of the organization.