Senior Detection Engineer

Canary Red

full-time

Posted on: 1/2/2026

Location Type: Remote

Location: Remote • 🇺🇸 United States

✨ AI Apply

💰 $119,000 - $127,000 per year

Senior

CloudRealmSplunkSQL

About the role

Using Red Canary’s detection platform to analyze EDR telemetry, alerts, and log sources across several detection domains (Endpoint, Identity, SIEM, Cloud/SaaS, etc.)
Publishing threats for customers using concisely-written communication while effectively conveying key and important indicators
Researching coverage opportunities then creating new detectors, and tune existing ones.
Improving the Detection Engineering workflow through orchestration & automation
Providing mentorship to your peers and communicate effectively with others for efficient cross-team collaboration
Help lead projects to improve the quality of life for both the customer and the CIRT

Strong experience in Endpoint (MDR) and one or more of the following functional areas: Cloud/SaaS, Identity, Email or SIEM
Proven experience with automation and orchestration to effectively handle an extreme volume of telemetry and logs in a timely and efficient manner
Strong analytical thought-process and critical thinking skills to translate disparate activity into the realm of threat analysis
Experience using query languages and understanding syntax across EDR or other security platforms (SQL, K, Lucene, etc.)
Experience creating and tuning detectors/rules using commonly known tools such as YARA, SIGMA, Snort, Splunk, Elastic, etc.
Ability to work from Wednesday - Saturday from 5pm MST - 3am MST.

Benefits

Tip: use these terms in your resume and cover letter to boost ATS matches.

EDR telemetry analysisautomationorchestrationthreat analysisquery languagesSQLKLucenedetector creationdetector tuning

concise communicationmentorshipcross-team collaborationanalytical thinkingcritical thinking