Detection Engineer – SIEM/EDR & Threat Intelligence Integration


Posted: 18 hours ago | Platform: LinkedIn


Work Mode: Remote

Job Type: Full Time

Job Description

Company Description

ThreatLens is a cutting-edge cybersecurity company specializing in advanced threat intelligence solutions powered by AI and Large Language Models (LLMs). Our platform enhances organizations' cybersecurity efforts by enabling proactive detection and swift responses to sophisticated threats. By integrating LLM-driven insights, we provide robust security operations with full visibility, faster threat remediation, and reduced risks. ThreatLens empowers organizations to manage and secure their cloud and hybrid environments with speed and precision.


Role Description

The Detection Engineer – SIEM/EDR & Threat Intelligence Integration is a full-time remote position. This role involves developing, integrating, and optimizing SIEM and Endpoint Detection & Response (EDR) solutions in line with threat intelligence strategies. Daily tasks include configuring detection rules, analyzing security event data, and collaborating with other teams to improve threat detection capabilities. The Detection Engineer will also design and implement security solutions, troubleshoot technical issues, and help maintain the security infrastructure across diverse environments.


Required Skills

  • Strong expertise with at least one SIEM (Sentinel, Splunk, Elastic) and one EDR/XDR (CrowdStrike, SentinelOne, Defender for Endpoint).
  • Deep understanding of log pipelines, normalization (CEF, Syslog, JSON), and incident response workflows.
  • Familiarity with MITRE ATT&CK, Sigma/YARA rules, and IOC correlation methods.
  • Scripting knowledge (Python, PowerShell, or Bash).
  • Experience working with threat feeds (OTX, MISP, Abuse.ch, etc.) and enrichment APIs.
  • Knowledge of automation frameworks (SOAR, playbooks, API-based remediation).
  • Exposure to AI-assisted detection engineering or LLM-based log enrichment.
  • Understanding of multi-tenant architecture and data segregation policies.


Qualifications

  • Strong foundation in Computer Science, with expertise in concepts such as algorithms, data structures, and system design
  • Proficiency in Back-End Web Development and Software Development for building secure, scalable solutions
  • Experience with Programming and Object-Oriented Programming (OOP) for creating robust and reliable code
  • Knowledge of cybersecurity principles and experience with threat detection and response
  • Strong problem-solving skills and the ability to work effectively in a collaborative, on-site team environment
  • Relevant certifications such as CISSP, CEH, or GIAC are advantageous
  • Bachelor's degree in Computer Science, Information Security, or a related field


If you’re passionate about building detections that help AI think like an analyst, send your resume to careers@thethreatlens.com.

#ThreatLens #CyberSecurity #DetectionEngineering #SIEM #EDR #ThreatIntel #SOC #MITREATTACK #Hiring #RemoteJobs

