Senior Detection Engineer – SIEM, Security Observability
Keeper Security, Inc.

Senior Detection Engineer focusing on SIEM operations and security telemetry at Keeper Security. Collaborate with various teams to enhance security visibility, detection maturity, and operational readiness.

Tech Stack
Tools & technologies: AWS, Cloud, Python, Splunk
About the role
Key responsibilities & impact
- Design, build, and maintain detection and telemetry capabilities across Datadog, SentinelOne, and Wiz
- Develop, test, and tune high-fidelity detection rules aligned to real-world attack scenarios and adversary behaviors
- Continuously improve alert quality by reducing false positives, eliminating noise, and increasing detection accuracy
- Implement and mature detection-as-code practices for scalable, version-controlled, and testable rule management
- Define and enforce logging, telemetry, and instrumentation standards across cloud infrastructure, applications, endpoints, and identity systems
- Build and optimize log ingestion, parsing, normalization, enrichment, and retention pipelines
- Automate onboarding of new data sources and improve telemetry coverage across production and corporate environments
- Correlate signals across SIEM, EDR, cloud, identity, and security tooling to improve detection depth and investigation quality
- Partner with Security Operations to improve triage workflows, incident response readiness, and escalation quality
- Build dashboards, analytics, and reporting that support operational decision-making across Security, SRE, and Engineering
- Map and maintain detection coverage against MITRE ATT&CK and help identify visibility gaps
- Perform detection gap assessments and evolve use cases based on threat intelligence, threat hunting, and emerging risks
- Collaborate with cloud, infrastructure, product, and compliance teams to strengthen secure logging and observability patterns throughout the software development lifecycle
Requirements
What you'll need
- 5–8+ years of experience in detection engineering, SIEM engineering, security engineering, or security observability
- Hands-on experience with SIEM, security analytics, or observability platforms, such as Datadog, SentinelOne, Splunk, Microsoft Sentinel, Elastic, or similar tools
- Experience building, tuning, and maintaining detection rules, correlation logic, and alerting workflows
- Strong understanding of security telemetry across cloud, endpoint, identity, and application environments
- Experience with log parsing, normalization, enrichment, and pipeline management
- Strong knowledge of cloud environments, with AWS preferred
- Proficiency in scripting or automation using Python, PowerShell, or similar
- Solid understanding of modern detection strategies, attacker behaviors, and the MITRE ATT&CK framework
- Ability to work cross-functionally with Security Operations, Engineering, Infrastructure, and SRE teams
Benefits
Comp & perks
- Medical, Dental & Vision (inclusive of domestic partnerships)
- Employer Paid Life Insurance & Employee/Spouse/Child Supplemental life
- Voluntary Short/Long Term Disability Insurance
- 401K (Roth/Traditional)
- A generous PTO plan that celebrates your commitment and seniority (including paid Bereavement/Jury Duty, etc.)
- Above market annual bonuses
ATS Keywords
Hard Skills & Tools
detection engineering, SIEM engineering, security engineering, security observability, detection rules, correlation logic, alerting workflows, log parsing, automation, scripting
Soft Skills
collaboration, cross-functional teamwork, incident response readiness, triage workflows, operational decision-making