Detection Engineer

Job Summary

A company is looking for a Detection Engineer to join their Detection Engineering team.

Key Responsibilities

• Design and implement detections using a detection-as-code approach across SIEM and EDR platforms
• Develop and operationalize detection logic in YAML/Sigma/YARA-L, including documentation and testing
• Collaborate with various teams to create threat-informed detections based on real-world attack behaviors

Required Qualifications

• 2-5+ years of experience in detection engineering, threat hunting, or incident response
• Strong proficiency with Python and REST APIs for automating detection workflows
• Experience writing and validating detection logic in Sigma, YARA-L, or similar languages
• Familiarity with telemetry sources such as Windows security logs and cloud platform audit logs
• Understanding of MITRE ATT&CK and mapping detections to adversary techniques