The Detection Engineer is responsible for designing, implementing, and continuously validating detection capabilities to reduce mean time to detect threats
Job Summary
The Detection Engineer is responsible for designing, implementing, and continuously validating detection capabilities to reduce mean time to detect threats.
This role requires conducting breach and attack simulations to align detection coverage with evolving adversary techniques and threat intelligence.
Candidates must have strong experience with SIEM platforms and scripting languages such as Python, and the ability to integrate threat intelligence feeds into detection workflows.
Skills & Requirements
Must-have
SIEM platform experience (Splunk, Sentinel)
Detection rule development and tuning
Breach and attack simulation (BAS) execution
MITRE ATT&CK framework mapping
Python or PowerShell scripting ability
SOAR platform automation experience
Nice-to-have
AI and machine learning in cybersecurity
Cloud environment security telemetry
Containerized environment detection
Purple team exercise participation
Threat hunting collaboration skills
Key Requirements
Bachelor's degree in Cybersecurity or related field
Minimum 2 years of experience in cybersecurity or network security