Detection Engineer to design, develop, and maintain high-fidelity detection logic, and serve as a hands-on incident responder when complex or novel threats demand human judgment and coordinated response.
Requirements
- Design, develop, and maintain high-fidelity detection logic, including correlation rules, detection-as-code pipelines, and behavioral analytics, across SIEM, EDR, NDR, and cloud-native platforms.
- Apply detection-as-code principles, version detection logic in Git, test in CI/CD pipelines, and deploy through automated workflows.
- Map detection coverage to MITRE ATT&CK and maintain a living detection coverage matrix; identify and close gaps proactively.
- Translate threat intelligence reports, red team findings, and incident post-mortems into actionable detection logic.
- Manage signal-to-noise ratio across detection platforms through iterative rule logic refinement, suppression tuning, and threshold calibration.
- Design and build automated response playbooks and enrichment workflows using SOAR platforms, enabling the system to triage, enrich, and respond to high-confidence alert classes without manual analyst intervention.
- Integrate SOAR with SIEM, EDR, threat intelligence platforms, ticketing systems, and cloud APIs via REST APIs and custom connectors.
- Serve as an escalation point for complex or novel security incidents, performing deep-dive investigations across endpoint, network, identity, and cloud telemetry.
- Conduct hypothesis-driven threat hunts using behavioral analytics, anomaly detection, and adversary TTP modeling.
- Collaborate in team exercises that validate detection and response effectiveness; incorporate findings into the detection backlog.
Benefits
- Generous Paid Time Off
- 401k Matching
- Retirement Plan
- Four Day Work Week
- Generous Parental Leave
- Tuition Reimbursement
- Relocation Assistance