29 Detection Engineering Jobs

Job Summary: Seeking a Senior Staff Engineer with 1012 years of hands-on experience. Responsible for technically leading and driving complex detection engineering initiatives across the organization. Requires strong leadership, a deep technical foundation in detections, and a passion for delivering best-in-class detections. Responsible for building and optimizing detection content and working on the roadmap to build new content. Primary Responsibilities: Technically lead and drive Content Engineering projects (Detection Engineering) across cloud and on-prem environments. Collaborate with product, analytics, and business teams to define and prioritize detection engineering initiatives. Evalua...

Job Summary: We are seeking a Senior Staff Engineer to lead complex detection engineering initiatives across cloud and on-prem environments. The role demands strong technical leadership, expertise in cybersecurity threats, and experience building best-in-class detection content. The hire will mentor junior engineers, optimize detection capabilities, and drive the roadmap for innovative detection solutions. Primary Responsibilities: Lead and drive detection engineering projects across cloud and on-prem environments. Collaborate with product, analytics, and business teams to define and prioritize detection initiatives. Evaluate and integrate technologies to enhance detection content developmen...

Description: Senior Consultant responsible for designing, implementing, and optimizing Google SecOps SIEM and SOAR solutions, leading complex integrations, and advising clients on advanced detection, automation, and response strategies. Responsibilities: Lead the design and deployment of Google SecOps SIEM and SOAR solutions for complex client environments. Develop advanced detection rules, custom parsers, and SOAR playbooks to address sophisticated threats. Integrate diverse log sources and validate data quality, normalization, and enrichment. Advise clients on SIEM/SOAR best practices, use case development, and automation opportunities. Troubleshoot and optimize detection logic, integratio...

About Lowe's Lowe's is a FORTUNE 100 home improvement company serving approximately 16 million customer transactions a week in the United States. With total fiscal year 2024 sales of more than $83 billion, Lowe's operates over 1,700 home improvement stores and employs approximately 300,000 associates. Based in Mooresville, N.C., Lowe's supports the communities it serves through programs focused on creating safe, affordable housing, improving community spaces, helping to develop the next generation of skilled trade experts and providing disaster relief to communities in need. For more information, visit Lowes.com. Lowe's India, the Global Capability Center of Lowe's Companies Inc., is a hub f...

You will be joining the Defender Experts (DEX) Research team within Microsoft Security, dedicated to advancing the company's threat protection strategy. As a Principal Threat Researcher, you will play a crucial role in researching and combating emerging cloud-based threats impacting both Microsoft and third-party security products. Your work will involve collaborating with a team of experts to develop innovative solutions that enhance threat detection and response capabilities within Microsoft Sentinel, contributing to the protection of enterprises worldwide. - Lead and execute advanced research on emerging cloud-based threats affecting Microsoft and third-party security products across dive...

Company Overview With 80,000 customers across 150 countries, UKG is the largest U.S.-based private software company in the world. And we're only getting started. Ready to bring your bold ideas and collaborative mindset to an organization that still has so much more to build and achieve Read on. At UKG, you get more than just a job. You get to work with purpose. Our team of U Krewers are on a mission to inspire every organization to become a great place to work through our award-winning HR technology built for all. Here, we know that you're more than your work. That's why our benefits help you thrive personally and professionally, from wellness programs and tuition reimbursement to U Choose a...

Working at Atlassian Atlassians can choose where they work - whether in an office, from home, or a combination of the two. That way, Atlassians have more control over supporting their family, personal goals, and other priorities. We can hire people in any country where we have a legal entity. Interviews and onboarding are conducted virtually, a part of being a distributed-first company. Overview As a Senior Product Security Engineer, Cloud Security at Atlassian, you will play a key role in securing our cloud platforms and products. You'll work closely with engineering teams to design, implement, and improve security controls, drive secure-by-default practices, and help scale security across ...

Own threat detection, response, and hardening across cloud and endpoint estates. Design/operate SIEM/XDR/SOAR with detection engineering mapped to MITRE ATT&CK, and automate triage using GenAI for alert summarisation, enrichment, and knowledge search. Build Sigma rules, integrate EDR/telemetry (CrowdStrike, Defender, Sentinel/Splunk/Chronicle), and run purple-team exercises to close gaps. Champion Zero Trust, secrets hygiene, and incident runbooks with AI-assisted updates. Measure MTTA/MTTR, detection coverage, and control efficacy. Keywords: SIEM/XDR/SOAR operations and rule tuning (Sentinel/Splunk/Chronicle + EDR)Detection engineering mapped to ATT&CK Sigma/YARA authoring GenAI for alert t...

You will be responsible for leading a team as a Technical Account Manager in (MDR) Services / Security Operations Centre (SOC) Manager to safeguard customers" information assets. Your role will involve overseeing incident detection and response, utilizing advanced security technologies, coordinating with stakeholders, developing incident response plans, and leading and managing a team of security analysts and incident responders. Additionally, you will need to stay updated on cybersecurity threats, leverage threat intelligence for proactive identification, deploy cutting-edge security technologies, ensure compliance, and provide regular reports and insights to senior management. **Key Respon...

As a Data Security Program Lead at Syneos Health, your role will involve collaborating with cybersecurity program leads to identify internal and external threats to data security. You will also be responsible for leading and conducting detection engineering activities to address evolving risks and changing critical asset landscapes. Your duties will include triaging data security alerts, coordinating investigations with internal and external stakeholders, and acting as a subject matter expert to senior stakeholders and team members. Additionally, you will provide strong technical leadership and advice on relevant topics such as DLP, Insider Risk, Encryption, etc., in Data Security projects. ...

About The Job At Arctic Wolf, we're not just navigating the cybersecurity landscape - we're redefining it. Our global team of dedicated Pack members is driving innovation and setting new industry standards every day. Our impact speaks for itself: we've earned recognition on the Forbes Cloud 100, CNBC Disruptor 50, Fortune Future 50, and Fortune Cyber 60 lists, and we recently took home the 2024 CRN Products of the Year award. We're proud to be named a Leader in the IDC MarketScape for Worldwide Managed Detection and Response Services and earning a Customers Choice distinction from Gartner Peer Insights . Our Aurora Platform also received CRN's Products of the Year award in the inaugural Secu...

Job Description: Roles & Responsibilities: The Individual in this role will Review Front Door and Jira documentation submitted to and created by the Algorithm Development team Work with Focus Area Lead to analyze data feeds and provide feedback to STORM platform team regarding feed readiness. Document and capture feed information as part of feed onboarding process Working with Focus Area Lead based on Work Plan, research threat scenarios determine data sets required, develop algorithms for threat detection. Testing and onboarding alarms via team's processes. Grow knowledge of CyberSecurity. Team processes, and Systems. Required Skills: Over 8 years experience in Detection Engineering & Algor...

As a Cybersecurity Implementation Engineer with at least 2 years of relevant experience, your role will involve specializing in customer parser development, Yara rules creation, playbook implementation, and data ingestion techniques. You will collaborate with a team of skilled professionals to design and implement cutting-edge cybersecurity solutions. Your key responsibilities will include: - Developing custom parsers to extract and normalize data from various sources - Designing and maintaining Yara rules for threat detection - Creating playbook automation for incident response - Implementing data ingestion pipelines for analyzing security data - Working closely with cross-functional teams ...

Role Overview: As a Senior Threat Researcher in the Defender Experts (DEX) Research team at Microsoft Security, you will play a crucial role in advancing cloud security and protecting customers from advanced cyberattacks. You will collaborate with a team of experts to develop strategies and models that enhance threat detection and response capabilities within Microsoft Sentinel, contributing to real-time protections for enterprises worldwide. Key Responsibilities: - Lead and execute advanced research on emerging cloud-based threats affecting Microsoft and third-party security products in diverse cloud environments. - Develop and refine detection and response strategies using major SIEM platf...

Role Overview: You will be joining the Defender Experts (DEX) Research team within Microsoft Security, whose mission is to protect customers from advanced cyberattacks by transforming raw signals into intelligence. As a Threat Researcher, you will collaborate with researchers, analysts, and detection engineers to advance managed Sentinel expertise and drive research on emerging cloud threats impacting both Microsoft and third-party products. Your work will directly contribute to developing real-time protections for enterprises worldwide and enhancing threat detection and response capabilities within Microsoft Sentinel. This role offers a unique opportunity to work at scale, tackle complex cl...

As a Lead Security Analyst - SOC at Amagi, you will play a crucial role in the Detection Engineering, SIEM/WAF rule management, Cloud Security, and SOC operations. With 7-9 years of experience in SOC operations, including 2 years in a lead role, you will bring your expertise to the team. Your technical skills will be put to the test as you handle SIEM platforms, WAF configurations, cloud platforms (AWS/GCP), Kubernetes security, and DevOps tools like Jenkins and Terraform. Proficiency in Python for automation will be a key asset in enhancing detection workflows and reducing operational overhead. Your responsibilities will include designing and maintaining robust SIEM detection rules, optimiz...

At a Glance: The Story Behind AMINA Founded in April 2018 and headquartered in Zug, AMINA Bank is a pioneer in the financial industry providing a seamless, secure and easy-to-use bridge between digital and traditional assets. As a smart bank AMINA Bank offers a fully universal suite of regulated banking services in the emerging digital economy. In August 2019, AMINA Bank received a Swiss banking and securities dealer license the first time a reputed, regulatory authority such as FINMA has granted a licence to a financial services provider with a core capability in digital assets. The broad, vertically integrated spectrum of services combined with the highest security standards, make AMINA Ba...

KEY Capabilities Experience in working with SIEM Solutions such as Splunk or Azure Sentinel. Experience in working with any of Endpoint Detection and Response tools preferably Crowdstrike, Sentinel One or Microsoft Defender for Endpoint. Expertise in SIEM and EDR content development with an eye towards behavior-based detection logic. Strong background in host based and network-based behaviors. Familiarity of Windows Event IDs and common application logs. Knowledge in programming or scripting languages such as Batch Scripting, Python PowerShell, etc. Experience in purple teaming activities. Hands-on experience on threat Hunting for identification of interested events for content development. ...

About this role: Wells Fargo is seeking a Senior Information Security Engineer. In this role, you will: Lead or participate in computer security incident response activities for moderately complex events Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and dire...

Essential Services : Role & Location fungibility At ICICI Bank, we believe in serving our customers beyond our role definition, product boundaries, and domain limitations through our philosophy of customer 360-degree. In essence, this captures our belief in serving the entire banking needs of our customers as One Bank, One Team . To achieve this, employees at ICICI Bank are expected to be role and location-fungible with the understanding that Banking is an essential service . The role descriptions give you an overview of the responsibilities, it is only directional and guiding in nature. About the role: As a SOC Analyst - Detection Engineering in the banks security operations center (SOC), t...

You are a Cybersecurity Implementation Engineer with at least 2 years of relevant experience, specializing in customer parser development, Yara rules creation, playbook implementation, and data ingestion techniques. In this role, you will be involved in designing and implementing cutting-edge cybersecurity solutions while collaborating with a team of skilled professionals. Your responsibilities will include developing custom parsers to extract and normalize data from various sources, designing and maintaining Yara rules for threat detection, creating playbook automation for incident response, and implementing data ingestion pipelines for analyzing security data. You will work closely with cr...

Agoda is an online travel booking platform that connects travelers with a global network of 4.7M hotels and holiday properties worldwide, as well as flights, activities, and more. As part of Booking Holdings and based in Asia, Agoda has a diverse team of 7,100+ employees from 95+ nationalities across 27 markets. The work environment at Agoda is characterized by diversity, creativity, and collaboration, fostering a culture of experimentation and ownership to enhance the travel experience for customers. The Security Department at Agoda oversees security, compliance, GRC, and security operations to ensure the safety and protection of the company and its employees. As a member of the Security Op...

About the role: As a SOC Analyst - Detection Engineering in the banks security operations center (SOC), the individual will be responsible to strengthen the creation and optimization of Analytical rules and alerts configured in the bank’s SIEM platform. Key Responsibilities: Business Understanding Accountable to ensure all security anomalous activities are detected by the banks SIEM platform and false positives are kept to a minimum. You will be responsible to build analytical correlational rules in the banks SIEM platform covering network, systems and endpoints, cloud (SAAS, IAAS and PAAS) and applications (both COTS and internally developed). Collaborate Verify the ingested logs and ensure...

What You'll Do Avalara, Inc. is the leading provider of cloud-based software that delivers a broad array of compliance solutions related to sales tax and other transactional taxes. What is it like to work at Avalara? Come find out! We are committed to the following success traits that embody our culture and how we work together to accomplish great things: Fun. Passion. Adaptability. Urgency. Simplicity. Curiosity. Humility. Ownership. Optimism. Avalara is looking for Detection Engineer to join the Detection and Response Team. The ideal candidate will have a track record in incident response, demonstrating advanced technical expertise and leadership capabilities. Your role will be of an Incid...

Job description Role Overview: Were looking for a Email Security Researcher to join our Email Security Research Team. In this role, you will focus on identifying and mitigating advanced email-borne threatsspam, Business Email Compromise (BEC), vishing, and targeted impersonation campaigns. Youll leverage open-source and commercial tools, develop detection rules, and collaborate with global SOC teams to continuously improve our email threat-detection capabilities. Key Responsibilities: Threat Analysis & Hunting: Review large volumes of email traffic to identify malicious patterns, emerging spam campaigns, BEC tactics, vishing attempts, and impersonation fraud. Perform root-cause analysis on i...