Staff Security Content Engineer (Detection Engineering)

Job Summary:

We are seeking a Senior Staff Engineer to lead complex detection engineering initiatives across cloud and on-prem environments. The role demands strong technical leadership, expertise in cybersecurity threats, and experience building best-in-class detection content. The hire will mentor junior engineers, optimize detection capabilities, and drive the roadmap for innovative detection solutions.

Primary Responsibilities:

• Lead and drive detection engineering projects across cloud and on-prem environments.
• Collaborate with product, analytics, and business teams to define and prioritize detection initiatives.
• Evaluate and integrate technologies to enhance detection content development processes.
• Participate in incident management, root cause analysis, and performance tuning.
• Identify and implement process improvements, including automation and optimization of detections.
• Develop prototypes for new detection capabilities to reduce Mean Time to Detect (MTTD) threats.
• Implement and utilize Breach and Attack Simulation platforms for enhanced content delivery.
• Mentor and guide junior detection engineers, driving best practices, code quality, and documentation.

Must-Have Skills:

• 1012 years of experience in Cybersecurity as a Detection Engineer or related roles.
• Proven experience in leading SOC operations technically.
• Strong understanding of MITRE ATT&CK Framework.
• In-depth knowledge of attacker TTPs and designing detections accordingly.
• Solid understanding of cyber threats, attack vectors, and mitigation strategies.
• Proficiency in security technologies: SIEM, EDR, IDS/IPS, network traffic analysis, endpoint security controls, and SOAR.
• Experience with cloud platforms: AWS, GCP, or Azure.
• Strong fundamentals in network protocols and operating systems.
• Experience with offensive security testing tools.
• Strong written and verbal communication skills for technical documentation.

Preferred Skills:

• Experience in detection development across multiple SIEM vendors.
• Python automation development experience.
• Prior experience developing cloud detection content.