Detection Engineer
Tasks
- Build scripts for log parsing and data normalization
- Build, tune and maintain detection logic
- Conduct threat hunting with adversary TTP modeling
- Design and maintain SOAR playbooks
- Develop enrichment and response workflows
- Document incident response evidence for audits
- Implement detection-as-code workflows
- Integrate AI-assisted triage validation
- Integrate SOAR with SIEM, EDR and threat intelligence
- Lead incident response and escalation for complex threats
- Map detection coverage to MITRE ATT&CK
- Optimize signal-to-noise ratio
- Perform incident triage during on-call
- Report security metrics and detection performance
- Translate threat intelligence into detections
Skills/Tech-stack
AWS GuardDuty | AWS Inspector | AWS Security | AWS Security Hub | AWS Security Lake | Access Management | Amazon Web Services | Anomaly Detection | Behavioral analytics | CI/CD | Detection engineering | Detection-as-code | EDR | Git | Identity and Access Management | Identity and access | Incident Response | KMS | MITRE ATT&CK | NDR | Python | REST APIs | SIEM | SOAR | Security Hub | Security Lake | Shell Scripting | Sigma | Terraform | Threat Intelligence | Threat hunting | Web Services | Yara | “as-code”
Roles
Detection Engineer | Engineer | Security | Security Engineer