Threat Detection Engineer

We are seeking a highly analytical and proactive Threat Detection Engineer to design, develop, and optimize detection capabilities across our security platforms. In this role, you will focus on building advanced detection logic, improving visibility, and strengthening our ability to identify and respond to emerging threats. You will collaborate closely with SOC analysts and engineering teams to continuously enhance our security offerings.

Key responsibilities:

• Conduct threat detection, incident handling and hunting activities by leveraging security best practices and current detection/response platforms.
• Proactively threat hunt and identify misconfigurations within a SIEM solution. Additionally, be able to provide strategic recommendations and assist in guiding the customer to resolution.
• Develop use cases and create threat detection logic, rules, and alerting in SIEM for response by the Security Operations team.
• Contributing to the management of playbooks in our SOAR solution.
• Identify gaps in log collection, signatures, and indicators of compromise (IOC) visibility. Then work with customer success team and engineering to improve detection capabilities.
• Identify advanced malicious activity that has evaded traditional security monitoring capability.
• Assist customers with requests to help integrate the SIEM into their environment and workflows.

• Bachelor’s degree in Computer Science, Information Security, or related field
• 3+ years’ experience with SIEM, EDR, XDR, SOAR, and NDR
• Experience in security operations, threat detection, incident response, or security engineering. Prior consulting or advisory experience preferred.
• Strong knowledge of endpoint detection, alerting, and content tuning
• Solid understanding of networks, protocols, and security tools (IPS, IDS, HIPS, firewalls)
• Hands-on SOC experience as an analyst or security engineer
• Experience writing SIEM rules/queries and analyzing malicious network traffic
• Ability to gather threat intelligence and identify IoCs across host and network
• Familiarity with common log sources (EDR, syslog, Windows Event Logs, DNS, firewall, Office 365, etc.)
• Relevant certifications (GIAC, ISC2, CompTIA, Microsoft, IBM) preferred
• Strong communication skills and ability to work in dynamic environments

We will offer you a friendly and dynamic working environment, in which you can develop your skills and competencies and a workplace with a strong focus on values and work-life balance.