Lead threat-informed detection efforts by staying current with emerging adversary techniques, malware, and campaigns; ensure the detection backlog reflects the most relevant threats.
Guide the Detection Engineering team on prioritization, coverage, and detection choke points that deliver the most meaningful risk reduction for clients.
Design, implement, and validate detections across SIEM (Splunk, Sentinel, Chronicle) and EDR platforms (CrowdStrike, Cortex XDR, SentinelOne, Defender for Endpoint) using a detection-as-code approach.
Assist in developing detection-as-code tooling in Python against platform REST APIs, enabling CI/CD pipelines for rule deployment, testing, and telemetry inspection.
Collaborate with Threat Intel, IR, and SOC teams to transform intelligence into high-fidelity detection logic.
Contribute to threat modeling and coverage mapping to identify gaps and reduce detection blind spots.
Participate in adversary emulation and validation efforts (e.g., Atomic Red Team, custom tooling).
Mentor junior engineers on attack chains and how adversaries operate.
Support threat research by building capabilities that extract threat intelligence insights from detection engineering work.
Requirements
2–5+ years of hands-on experience in detection engineering, threat hunting, or incident response
Strong proficiency with Python and REST APIs for interacting with EDR/SIEM platforms and automating detection workflows
Demonstrated experience writing, tuning, and validating detection logic in at least one of: Sigma, YARA-L, Splunk SPL, KQL, XQL
Experience with telemetry sources including Windows security logs, Sysmon, firewall/proxy logs, and cloud platform audit logs
Familiarity with MITRE ATT&CK and how to map detections to adversary techniques and detection choke points
Ability to quickly learn new security technologies and adapt detection strategies accordingly
Comfortable working in a fast-paced environment where threat-driven detection and rapid iteration are the norm
Benefits
Competitive medical, dental and vision coverage for employees and dependents
401(k) match that vests every pay period
Flexible and remote friendly work environment
Training opportunities to expand your skill set