Threat Detection Engineer

Reco

Threat Detection Engineer for Reco analyzing SaaS security data. Collaborating with security researchers and customers to improve detection capabilities.

Posted 5/13/2026full-timeRemote • 🇺🇸 United StatesMid-LevelSeniorWebsite

Tech Stack

Tools & technologies

CloudCyber SecuritySplunkSQL

About the role

Key responsibilities & impact

Dive deep into terabytes of SaaS Application data to identify new attack vectors, emerging threats, and vulnerabilities across various attack surfaces.
Stay up-to-date with the latest cybersecurity trends and contribute to the development of cutting-edge threat detection methodologies.
Utilize your technical prowess to investigate complex SaaS & AI security incidents, analyzing data from diverse SaaS applications to uncover the root causes and methods of attack.
Leverage your expertise in data analysis and correlation to fine-tune detection rules and algorithms, minimizing false positives and enhancing the accuracy of the platform's threat alerts.
Drive thought leadership initiatives by creating technical blog posts, delivering webinars, and speaking at conferences to share insights, educate the community, and enhance the company's reputation in the cybersecurity landscape.
Collaborate with security researchers and data scientists to define new threat detection strategies based on SaaS attack vectors and industry trends.
Continuously monitor and analyze SaaS attack techniques, adapting security posture to evolving threats.
Work with APIs and integrations to ingest security logs from various SaaS platforms, correlating signals to detect real threats.

Requirements

What you’ll need

A background of at least 5 years in cybersecurity, preferably in SOC, SIEM, Threat Intelligence, or Cloud Security
Experience with SaaS security challenges, such as shadow IT, OAuth risks, IDP misconfigurations, and excessive permissions.
Hands-on experience with security data analysis, including large-scale log processing, anomaly detection, and behavioral analytics.
Proficiency in SQL (e.g., ClickHouse) for querying security events and correlating threat indicators.
Strong understanding of identity-based attacks, insider threats, and SOC detection methodologies.
Familiarity with SIEM and XDR solutions (e.g., Splunk, Sentinel, Chronicle) and their role in modern detection engineering.
Strong problem-solving and analytical skills to triage security incidents and optimize detection rules.

Benefits

Comp & perks

🌐 Worldwide ❌ Jobs You've Hidden ⭐️ Saved Jobs ✅ Applied Jobs ✉️ Email Alerts 👤 Account Reco Website LinkedIn All Job Openings 51 - 200 employees Founded 2020 🔒 Cybersecurity ☁️ SaaS 🤖 Artificial Intelligence 🔥 Funding within the last year 💰 $25M Series unknown on 2025-05 Cybersecurity
SaaS
Artificial Intelligence Reco is a Dynamic SaaS Security company offering a platform that discovers, governs, and secures SaaS applications and AI agents across their entire lifecycle. The platform provides SSPM (security posture management), SaaS app and shadow-AI discovery, identity & access governance, data exposure management, real-time threat detection & response, and AI governance features (Reco AI Agents and generative AI discovery). Reco integrates with 200+ SaaS apps and is designed to help enterprises continuously reduce SaaS attack surface, maintain compliance, and manage AI/agentic risk. Threat Detection Engineer 🔥 1 minute ago 🇺🇸 United States – Remote ⏰ Full Time 🟡 Mid-level 🟠 Senior 👷🏻‍♀️ Engineer Cloud Cyber Security Splunk SQL Apply Now Find Hiring Managers Customize resume + cover letter Report problem ☆ Save ☑️ Mark as applied ❌ Hide 📋 Description
Dive deep into terabytes of SaaS Application data to identify new attack vectors, emerging threats, and vulnerabilities across various attack surfaces.
Stay up-to-date with the latest cybersecurity trends and contribute to the development of cutting-edge threat detection methodologies.
Utilize your technical prowess to investigate complex SaaS & AI security incidents, analyzing data from diverse SaaS applications to uncover the root causes and methods of attack.
Leverage your expertise in data analysis and correlation to fine-tune detection rules and algorithms, minimizing false positives and enhancing the accuracy of the platform's threat alerts.
Drive thought leadership initiatives by creating technical blog posts, delivering webinars, and speaking at conferences to share insights, educate the community, and enhance the company's reputation in the cybersecurity landscape.
Collaborate with security researchers and data scientists to define new threat detection strategies based on SaaS attack vectors and industry trends.
Continuously monitor and analyze SaaS attack techniques, adapting security posture to evolving threats.
Work with APIs and integrations to ingest security logs from various SaaS platforms, correlating signals to detect real threats. 🎯 Requirements
A background of at least 5 years in cybersecurity, preferably in SOC, SIEM, Threat Intelligence, or Cloud Security
Experience with SaaS security challenges, such as shadow IT, OAuth risks, IDP misconfigurations, and excessive permissions.
Hands-on experience with security data analysis, including large-scale log processing, anomaly detection, and behavioral analytics.
Proficiency in SQL (e.g., ClickHouse) for querying security events and correlating threat indicators.
Strong understanding of identity-based attacks, insider threats, and SOC detection methodologies.
Familiarity with SIEM and XDR solutions (e.g., Splunk, Sentinel, Chronicle) and their role in modern detection engineering.
Strong problem-solving and analytical skills to triage security incidents and optimize detection rules. Apply Now 📊 Check your resume score for this job Improve your chances of getting an interview by checking your resume score before you apply. Check Resume Score Similar Jobs Lustre Engineer 🔥 59 minutes ago NetApp 10,000+ employees 🔌 API 🤖 Artificial Intelligence ☁️ SaaS Website LinkedIn All Job Openings Sr. Lustre Engineer responsible for delivering enterprise class NetApp software, tackling profound data challenges. Collaborating with teams and presenting to senior leadership. 🇺🇸 United States – Remote 💵 $170k - $253k / year 💰 Venture Round on 1994-01 ⏰ Full Time 🟡 Mid-level 🟠 Senior 👷🏻‍♀️ Engineer 🦅 H1B Visa Sponsor E&IC Engineer 🔥 2 hours ago Design Hire LLC 11 - 50 🎯 Recruiter 🤝 B2B Website LinkedIn All Job Openings E&IC Engineer designing and modernizing control system architectures in industrial and nuclear environments. Collaborating with teams to deliver engineered replacement packages ensuring reliability and safety. 🇺🇸 United States – Remote 💵 $130k - $150k / year ⏰ Full Time 🟡 Mid-level 🟠 Senior 👷🏻‍♀️ Engineer Engineer 🔥 2 hours ago True Zero Technologies, LLC 11 - 50 🔒 Cybersecurity 🏢 Enterprise ☁️ SaaS Website LinkedIn All Job Openings Palo Alto Engineer managing network security infrastructures for True Zero Technologies. Responsibilities include firewall management, security policy design, and troubleshooting. 🇺🇸 United States – Remote ⏰ Full Time 🟡 Mid-level 🟠 Senior 👷🏻‍♀️ Engineer AWS Azure Firewalls Python TCP/IP Mainframe VTAM Engineer 🔥 9 hours ago Truist 10,000+ employees 🏦 Banking 💸 Finance 🤝 B2B Website LinkedIn All Job Openings Mainframe VTAM Engineer resolving complex technical issues for Truist’s Network applications. Involving problem tracking, diagnosis and root-cause analysis with programming and debugging. 🇺🇸 United States – Remote ⏰ Full Time 🟡 Mid-level 🟠 Senior 👷🏻‍♀️ Engineer 🦅 H1B Visa Sponsor TCP/IP Senior Naval Electrical/Controls Engineer 🔥 11 hours ago CACI International Inc 10,000+ employees 🔒 Cybersecurity Website LinkedIn All Job Openings Senior Naval Electrical/Controls Engineer providing technical support for naval ship design projects. Focusing on cyber security and machinery controls for Navy vessels with engineering collaboration. 🇺🇸 United States – Remote 💵 $90.3k - $189.6k / year ⏰ Full Time 🟠 Senior 👷🏻‍♀️ Engineer Cyber Security View More Engineer Jobs 🌐 Worldwide Built by Lior Neu-ner. I'd love to hear your feedback — Get in touch via DM or support@remoterocketship.com Search Search Jobs by country Search jobs by city Search jobs by job title Search entry-level jobs Search junior-level jobs Search senior-level jobs Search jobs by tech stack Search jobs by contract type Search remote internships Search remote part-time jobs Remote jobs Anywhere in the World Companies Hiring Anywhere in the World Companies Hiring Sales People Anywhere in the World Companies Hiring Software Engineers Anywhere in the World Resources Advice Tips for finding remote jobs Interview questions and answers Resume examples Cover letter examples Post a job Affiliates Privacy policy Terms of service Job board SEO course AI Apply Copilot OpenClaw job finder Jobs by Country Remote jobs anywhere in the world (Worldwide remote jobs) Remote jobs United States Remote jobs Australia Remote jobs Brazil Remote jobs Canada Remote jobs France Remote jobs Ireland Remote jobs Germany Remote jobs Netherlands Remote jobs Spain Remote jobs UK Popular Jobs Remote data analyst jobs Remote customer support jobs Remote executive assistant jobs Remote marketing jobs Remote product designer jobs Remote product manager jobs Remote project manager jobs Remote recruiter jobs Remote sales jobs Remote software engineer jobs Jobs by Type Remote full-time jobs Remote part-time jobs Remote contract jobs Remote internship jobs Remote entry-level jobs Remote jobs with no experience required Remote junior jobs (1-3 years of experience) Digital nomad jobs Remote jobs with no degree required Freelance remote jobs Temporary remote jobs Remote jobs hiring now Stay at home mom jobs

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cybersecuritySaaS securitydata analysislog processinganomaly detectionbehavioral analyticsSQLthreat detection methodologiesdetection rulesidentity-based attacks

Soft Skills

problem-solvinganalytical skillscollaborationthought leadershipcommunication