Sr Detection Engineer in United States at Jobgether
Job Description
This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Sr Detection Engineer in the United States.
This role is at the core of a modern cybersecurity defense strategy, focusing on building, tuning, and evolving the detection logic that powers high-fidelity security alerts across a global environment. You will operate at the intersection of engineering and security operations, designing detection mechanisms that identify adversary behavior across cloud, endpoint, and network systems. Working closely with SOC and MDR teams, you will ensure alert quality, reduce noise, and strengthen the organization’s ability to respond to threats in real time. The position emphasizes a Detection-as-Code approach, treating security rules as engineered products that require continuous testing, validation, and improvement. You will also play a key role in analyzing complex incidents, onboarding new data sources, and enhancing SIEM architecture. This is a highly technical, collaborative environment where curiosity, precision, and proactive thinking directly improve security posture.
- Design, develop, and continuously tune SIEM detection rules aligned with MITRE ATT&CK to identify malicious activity across cloud, endpoint, and network environments.
- Own the detection lifecycle using a Detection-as-Code approach, ensuring rules are version-controlled, tested, and optimized for accuracy and performance.
- Provide Tier 3 escalation support, conducting deep-dive investigations and root cause analysis for complex security incidents.
- Partner with infrastructure teams to ensure SIEM health, including log ingestion validation, parsing, and data retention compliance.
- Lead onboarding of new data sources such as cloud APIs, SaaS platforms, and internal applications into the SIEM environment.
- Collaborate with MDR and SOC teams to improve alert quality, triage effectiveness, and overall detection coverage.
- Proactively simulate adversary behaviors to test and validate detection logic against real-world attack scenarios.
- 3+ years of experience in SIEM content development, detection engineering, or security operations engineering.
- Bachelor’s degree in Computer Science, Information Systems, Engineering, or equivalent experience.
- Strong understanding of cybersecurity principles, network protocols (TCP/IP, DNS, HTTP/S), and cryptographic concepts.
- Experience mapping MITRE ATT&CK tactics, techniques, and procedures to detection rules.
- Proficiency in SIEM platforms, including advanced query writing, correlation rules, and dashboard development.
- Strong scripting skills in Python, Bash, or PowerShell for automation, API integration, and data processing.
- Familiarity with cloud security environments (AWS, Azure, GCP) and endpoint detection telemetry (EDR).
- Ability to analyze complex technical issues and translate findings into actionable detection improvements.
- Competitive annual base salary ranging from $117,100 to $154,000 USD, with potential bonuses.
- Comprehensive health coverage including medical, dental, and vision insurance.
- Unlimited PTO and flexible work arrangements supporting work-life balance.
- Remote-first environment with optional hybrid collaboration for eligible locations.
- Professional development funds, certifications support, and continuous learning opportunities.
- Access to advanced cybersecurity tools, platforms, and hands-on security engineering work.
- Wellness reimbursements and additional employee support programs.
- Strong culture of trust, autonomy, inclusion, and technical growth.