Senior Cloud Detection Engineer

U.S. Bank

full-time

Posted on: 10/21/2025

Location Type: Hybrid

Location: Cincinnati • Minnesota, North Carolina, Ohio, Texas • 🇺🇸 United States

Visit company website

✨ AI Apply

Apply

Salary

💰 $111,605 - $131,300 per year

Job Level

Senior

Tech Stack

AWSAzureCloudCyber SecurityDockerGoogle Cloud PlatformKubernetesPythonSplunk

About the role

Design and implement detection logic for cloud-native threats across AWS, Azure, and GCP.
Develop and maintain container security detections (e.g., Kubernetes, Docker, EKS, AKS, GKE).
Integrate detections into SIEM and XDR platforms, ensuring high fidelity and low noise.
Collaborate with CTI and Threat Hunting teams to operationalize threat intelligence into detection use cases.
Conduct gap analysis and contribute to visibility improvement initiatives.
Participate in purple team exercises and breach & attack simulations to validate detection coverage.
Provide technical mentorship to junior engineers and contribute to detection engineering standards.

Requirements

5+ years of experience in cybersecurity with a focus on cloud detection engineering.
Typically a bachelor's degree or equivalent experience
Advanced technical and functional subject matter expert knowledge across security domains
Deep understanding of AWS, Azure, and GCP security services and logging (e.g., CloudTrail, Azure Activity Logs, GCP Audit Logs).
Hands-on experience with container orchestration platforms and security tools (e.g., Falco, Sysdig, Aqua, Prisma Cloud).
Proficiency in writing detection rules using Sigma, KQL, SPL, or similar query languages.
Familiarity with MITRE ATT&CK Framework and its cloud matrix.
Experience with SIEM/XDR platforms (e.g., Splunk, Sentinel, Chronicle, Elastic).
Strong scripting skills (Python, PowerShell, Bash) for automation and enrichment.
Certifications such as AWS Certified Security – Specialty, Azure Security Engineer Associate, or GCP Professional Cloud Security Engineer.
Experience with Infrastructure-as-Code (IaC) and CI/CD pipeline security.
Exposure to threat modeling and adversary emulation in cloud environments.

Benefits

Healthcare (medical, dental, vision)
Basic term and optional term life insurance
Short-term and long-term disability
Pregnancy disability and parental leave
401(k) and employer-funded retirement plan
Paid vacation (from two to five weeks depending on salary grade and tenure)
Up to 11 paid holiday opportunities
Adoption assistance
Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills

cloud detection engineeringdetection logiccontainer securitydetection rulesscriptingInfrastructure-as-CodeCI/CD pipeline securitythreat modelingadversary emulationgap analysis

Soft skills

technical mentorshipcollaborationoperationalizationvisibility improvementparticipation in exercises

Certifications

AWS Certified Security – SpecialtyAzure Security Engineer AssociateGCP Professional Cloud Security Engineer