Job Summary
This role sits at the intersection of threat intelligence, detection engineering, and incident investigation with an engineering-first mindset.
We focus on translating external threat intelligence into actionable detections, building custom, high-fidelity detections for cloud and SaaS environments, and leading complex investigations and incident response.
You’ll help define how threat intelligence is used, not just consume it, and you’ll work on real attacker behavior, not checkbox security.
Skills & Requirements
Must-have
threat intelligence to actionable detections
custom high-fidelity detections
cloud and SaaS environments
Python for automation
querying large datasets
cloud security telemetry
Nice-to-have
attacker TTPs mindset
investigating ambiguous signals
security by design partnership
explaining technical risk
Key Requirements
5–7 years in security
2+ years in threat detection, threat intelligence, or investigations