Cyber Threat Detection Engineer

Rearc

Location:
United States

Contract Type:
Not provided

Salary:
Not provided

Job Description:

Rearc is looking for a Cybersecurity Threat Detection Engineer with proactive communication skills, a foundation in DevSecOps, Detection-As-Code, deep purple team technical expertise, and an entrepreneurial approach to join our growing Cybersecurity practice. This role involves partnering with Rearc customers to design cutting-edge detection strategies and support the development of top-tier, modern cybersecurity monitoring programs. You will craft tailored security detections to strengthen our clients' cybersecurity efforts by leveraging Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), Endpoint Detection and Response (EDR), and Network Detection and Response (NDR) services.

Job Responsibility:

  • Utilize NDR, EDR, real-time streaming, and SIEM technologies to develop robust threat detection capabilities
  • Build and optimize detection rules leveraging real-time data streaming to enhance detection accuracy
  • Design enrichment pipelines and automation workflows to enhance the precision of threat detections
  • Develop correlation logic and automated processes to create high-fidelity threat alerts
  • Build compliance and recoverability of customer Data Analytics solutions, including SOPs, data onboarding, normalization, enrichment, and system maintenance
  • Create automation playbooks for incident triage and response
  • Align detection content with customer-specific Use Case Frameworks and provide metrics on cybersecurity threats impacting their environment
  • Collaborate with customer cybersecurity teams to cover gaps and enhance enterprise posture
  • Support enterprise Cybersecurity, Information Technology (IT), and Operational Technology (OT) teams by providing dashboards and other data exploration tools
  • Stay continually aware of emerging cybersecurity threats and trends, adapting detection strategies as needed
  • Work closely with customer teams, including Cybersecurity Operations Center (CSOC), Operational Technology (OT), and Incident Response (IR) teams, to ensure detections are actionable and relevant
  • Provide feedback to improve the customer's security framework and overall security monitoring strategy

Requirements:

  • 6+ years of experience in Cybersecurity with a focus on:
    • Log streaming
    • Cybersecurity data lakes and data warehousing
    • SOAR engineering
    • SIEM engineering, administration, architecture, and operations
    • Data science, statistical analysis, and threat detection development
    • Integrating disparate IT, OT, and business applications into SIEM systems
  • Bachelor's degree in Management Information Systems, Computer Science, or a related field
  • A strong passion for Cybersecurity and a commitment to staying current with industry trends, best practices, and tools
  • Proven experience in documenting, socializing, and operationalizing Cybersecurity technologies and processes
  • Prior programming experience in Python, SQL, and Apache Spark
  • Solid understanding of common attack techniques and their practical applications
  • Demonstrated ability to work effectively across multiple teams, building cross-functional relationships with individuals of varying technical expertise
  • A self-starter with a proven ability to thrive in fast-paced environments
  • Strong technical communication skills, both written and verbal

Nice to have:

Prior experience with platforms like Databricks, Cribl, Tines, or other cybersecurity lakehouse providers

Additional Information:

Job Posted:
January 04, 2026

Work Type:
Remote work

Similar Jobs for Cyber Threat Detection Engineer

Senior Threat Detection Engineer

We’re expanding our Threat Detection Engineering team at Atlassian and looking f...
Location:
United States, San Francisco
Salary:
146300.00 - 235000.00 USD / Year
Atlassian
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • Minimum 3 years' experience in Detection Engineering roles
  • Experience building advanced data analytics and ML-based detection models to identify complex threats
  • Experience building effective detection capabilities for modern cloud environments
  • Experience using common programming languages to build automation
  • Experience identifying threats through proactive threat hunting
  • Experience using security detection technologies and systems, including firewalls, intrusion detection systems, EDR, and authentication systems
  • Experience successfully delivering complex projects
  • Strong analytical skills and the ability to effectively identify and resolve problems
Job Responsibility:
  • Develop advanced threat detection mechanisms using complex data analytics and machine learning models that can effectively identify and raise alerts for any adversarial or high-risk behaviors within Atlassian's systems
  • Continuous improvement and fine-tuning of detection systems to effectively adapt to new and emerging cyber threats
  • Monitor and enhance critical detection systems to ensure their reliability and effectiveness in delivering robust detection capabilities
  • Deploy new detection technologies to continuously uplift and improve our detection capabilities
  • Collaborate with partner teams such as Incident Response and Threat Intelligence to establish and maintain meaningful security alerts
  • Work closely with these teams to ensure security alerts are relevant, actionable, and aligned with the overall security strategy
  • Collaborate closely with Product Engineering, Data Platform, and Security Engineering teams to advance our detection coverage and tooling in our production cloud environments
  • Automate complex security operational tasks, aiming to streamline and optimize routine security activities
  • Develop tools, systems, and programs to enhance and fortify Atlassian's overall security posture
  • Remain informed about the latest security trends, emerging threats, and evolving technologies to ensure that Atlassian is well-prepared to adapt to new security challenges
What we offer:
  • health and wellbeing resources
  • paid volunteer days
Work Type:
Fulltime

Threat Detection Engineer

At Atlassian, we are seeking a skilled Threat Detection Engineer to join our tea...
Location:
United States, San Francisco
Salary:
128300.00 - 206000.00 USD / Year
Atlassian
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • Minimum 3 years' experience in Security Operations roles and 1 year's experience in a Detection Engineering role
  • Experience building threat detection mechanisms in common log analysis platforms (e.g. Splunk)
  • Experience using common programming languages to build automation
  • Experience performing threat hunting
  • Experience using security detection technologies and systems, including firewalls, intrusion detection systems, EDR, and authentication systems
  • Experience with cloud technologies including AWS and network protocols
  • Strong analytical skills and the ability to effectively identify and resolve problems
Job Responsibility:
  • Develop advanced threat detection mechanisms that can effectively identify and raise alerts for any adversarial or high-risk behaviors within the company's systems
  • Continuous improvement and fine-tuning of detection systems to effectively adapt to new and emerging cyber threats
  • Monitor and enhance critical detection systems to ensure their reliability and effectiveness in delivering robust detection capabilities
  • Collaborate with partner teams such as Incident Response and Threat Intelligence to establish and maintain meaningful security alerts
  • Perform threat hunting activities to proactively identify and mitigate new and emerging threats within Atlassian's systems
  • Automate common security operational tasks, aiming to streamline and optimize routine security activities
  • Develop tools, systems, and programs to enhance and fortify Atlassian's overall security posture
  • Remain informed about the latest security trends, emerging threats, and evolving technologies to ensure that Atlassian is well-prepared to adapt to new security challenges
What we offer:
  • health coverage
  • paid volunteer days
  • wellness resources
Work Type:
Fulltime

Senior Detection Engineer

This is a detection engineering role that leverages knowledge of monitoring, ana...
Location:
Singapore, Singapore
Salary:
Not provided
Marriott Bonvoy
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in Computer Sciences or related field, or equivalent experience/certification
  • 3+ years of collective experience in Splunk SIEM (Splunk Enterprise Security) threat detection use case development or UEBA (Exabeam) insider threat use case development
  • 5+ years of experience in security functions such as SOC, CIRT, security engineering, risk management, vulnerability management or technical infrastructure operations, administration, or systems engineering
  • Experience with a scripting or programming language, including Python
  • Current information security certification such as Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) preferred
  • Offensive and defensive security certifications such as CEH, GIAC Cyber Defense, OSCP or other related certifications preferred
  • Splunk Certification, including Splunk Enterprise Security Certified Admin, preferred
  • Use case development experience on the Exabeam platform preferred
  • Working knowledge of the NIST Cyber Security Framework and ISO/IEC 27001:2022 preferred
  • Working knowledge of the MITRE ATT&CK Framework preferred
Job Responsibility:
  • Lead collaboration sessions within the cyber security tower and other business units to devise security monitoring use cases
  • Engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications, and share that knowledge with peers as appropriate
  • Document prospective security monitoring use cases with MITRE ATT&CK mappings using standard templates and methodologies
  • Inform and consult other cyber ops teams on required data onboarding and integrations for use case development
  • Develop analytics, correlation searches, dashboards, reports and alerts within the SIEM and UEBA platforms
  • Solicit feedback on pre-production security monitoring content through the peer review process and user acceptance testing for tuning
  • Document developed security monitoring content in a documentation registry using department standard templates and methodologies
  • Manage field mapping and transmission of security monitoring alerts to the security incident response platform for SOC analyst consumption, as outlined in process documentation
  • Provide governance support for the content development function, including content development standards compliance, change management approvals for SIEM or UEBA content, and lifecycle management of developed security monitoring content
  • Service operational requests in the queue, such as analytics content performance tuning, filtering, search refinement, and parsing issues
Work Type:
Fulltime

Analyst, Security Preventative & Threat Engineer

We’re seeking a Preventative & Threat Engineer to proactively prevent, detect, a...
Location:
Bulgaria, Sofia
Salary:
Not provided
European Bank for Reconstruction and Development
Expiration Date:
January 12, 2026
Requirements:
  • Experience with SIEM and SOAR tools
  • An understanding of core security fundamentals and concepts
  • Can proactively identify and address security issues
  • Familiar with cloud security concepts and best practices, as well as the security features and capabilities of major cloud platforms such as AWS, Azure, and GCP
  • Familiar with security automation tools and techniques
  • Ability to analyse large data sets and identify anomalies
  • Ability to quickly create and deploy countermeasures under pressure
  • Ability to create complex scripts, develop tools, or automate processes in Python or other relevant command languages
Job Responsibility:
  • Assists in proactively preventing, detecting and responding to Cyber Security incidents to reduce risk
  • Assists with hypothesising new threats and indicators of compromise
  • Contributes to forming conclusions that may challenge conventional wisdom
  • Works with the Associate to identify new and dynamic ways to protect the organisation against the evolving threat landscape
  • Supports the monitoring of threat intelligence feeds to identify a range of threats, including indicators of compromise and advanced persistent threats (APTs)
  • Supports the identification of the tactics, techniques and procedures (TTPs) of potential threats through the MITRE ATT&CK or similar frameworks
  • Understand and support the use of the Threat Hunting Maturity Model and Threat Hunt Process during investigations
  • Assists with conducting threat assessments to identify what threats are most likely to target this business, and how they would execute their attacks
  • Support the capture of attacker techniques, indicators of compromise and objectives, and use the captured information to improve defences through recommendations for the creation of detection logic
  • Provides support and cover to the Incident Response specialism where required
What we offer:
  • Varied, stimulating and engaging work
  • A working culture that embraces inclusion and celebrates diversity
  • Hybrid and flexible working arrangements
  • An environment that places sustainability, equality and digital transformation at the heart of what we do
  • A workplace that prioritises employee wellbeing and provides a comprehensive suite of competitive benefits
Work Type:
Fulltime

Cyber Security Engineer

We are looking for someone dynamic who can quickly adapt to new challenges and f...
Location:
Portugal, Lisbon
Salary:
Not provided
Miniclip
Expiration Date:
Until further notice
Requirements:
  • Minimum of 1 year of experience in SOC or similar cybersecurity role with exposure to advanced threat detection and analysis
  • Background in Computer Science, Information Technology, or a related field
  • Proficiency in SIEM platforms (e.g., Sentinel, Splunk, QRadar) and writing custom correlation rules
  • Hands-on experience conducting:
    • Technical Software Security Risk Assessments
    • Vulnerability Assessments in web and/or mobile applications
    • Physical and Wireless penetration testing
  • Document and report incidents/assessments/findings
  • Understanding of cybersecurity standards and frameworks (e.g., ISO27001, NIST, NIS2, OWASP)
  • Availability for work outside of regular hours on short notice to handle emergencies
  • A social and hard-working candidate who thrives in a team environment and is passionate about their work
  • Solid understanding of cyber security best practices and frameworks
Job Responsibility:
  • Incident handling: Identifying, triaging, and investigating potential security incidents
  • Systems Administration: Understanding system internals and implementing effective countermeasures and remediation strategies on different operating systems
  • Computer Forensic Analysis: Possessing a background in utilizing diverse forensic analysis tools during incident response investigations to assess the scope and depth of compromise
  • Vulnerability Assessment: Review and validate vulnerability reports collected by our systems working closely with cross-functional core/development teams to prioritize and facilitate the remediation of identified vulnerabilities in a timely manner
  • Reporting and documentation: Develop and maintain accurate records of all the incidents, vulnerability reports, assessments, remediation efforts, ensuring clear documentation of findings and resolutions
  • Awareness: Promote security awareness within the organization by conducting training sessions, sharing insights on emerging threats, and fostering a culture of security consciousness
  • Threat Hunting: Performing proactive threat hunting across the group
  • Physical Security: Availability to travel through our different studios to identify physical vulnerabilities and propose remediation measures

Cyber Security Engineer

Darumatic is an IT Consultancy and Recruitment Services Company that focuses on ...
Location:
Australia, Canberra
Salary:
Not provided
Darumatic
Expiration Date:
Until further notice
Requirements:
  • Character clearance, including a police check
  • Negative Vetting level 1
  • Political neutrality
  • Australian citizen
  • Experience using Sentinel or a similar SIEM solution is essential
  • In-depth familiarity with the Australian Government Information Security Manual
  • Experience with security technologies such as endpoint protection, firewalls and IDS/IPS
  • Extensive experience in Windows, Linux, networking and system administration
  • Experience with security services in the cloud (Azure or AWS)
Job Responsibility:
  • Detection and coordination of incident response to threats, both foreign and domestic, against critical electoral systems
  • Augmenting the existing operations team to assist in uplifting the existing capability
  • Maintenance of cyber security monitoring and analysis toolsets
  • Taking a lead role in the build of the cyber security architecture through consultation with client's internal teams to secure this architecture
  • Working primarily in the office
  • Ability to work shifts as required in response to cyber security incidents, and also to support electoral events at key periods (e.g. close of rolls, polling day)

Cyber Security Engineer

The Cyber Security Engineer is responsible for managing and securing the organiz...
Location:
United States, El Monte
Salary:
Not provided
Robert Half
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field
  • Minimum of 4 years of experience in cybersecurity, IT administration, or a related role
  • Relevant certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH) preferred
  • Strong knowledge of security technologies, including firewalls, VPNs, IDS/IPS, and antivirus solutions
  • Experience with Office 365 security configurations, including conditional access and MFA
  • Proficiency in Azure security concepts and tools
  • Familiarity with internal and external scanning tools and techniques
  • Knowledge of security frameworks and standards
Job Responsibility:
  • Administer and manage security tools and technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection solutions
  • Monitor and analyze security logs and alerts to detect and respond to potential security incidents
  • Implement and manage identity and access management (IAM) systems, including user provisioning and de-provisioning for Office 365 and Azure environments
  • Configure and enforce conditional access policies to ensure secure access to applications and data based on user context and risk levels
  • Implement multi-factor authentication (MFA) to strengthen security for Office 365 and other critical applications
  • Respond to and investigate security incidents, coordinating with IT and other departments to remediate vulnerabilities
  • Maintain incident response plans and participate in post-incident reviews to improve security processes
  • Conduct regular internal and external vulnerability scans to identify security weaknesses and ensure compliance
  • Perform penetration testing and threat assessments to simulate attacks and evaluate the security posture of the organization
  • Develop, implement, and maintain security policies, procedures, and guidelines specific to Office 365, Azure, and other cloud services
What we offer:
  • Access to top jobs, competitive compensation and benefits, and free online training
  • Medical, vision, dental, and life and disability insurance
  • Eligibility to enroll in 401(k) plan
Work Type:
Fulltime

Lead Threat Intelligence Analyst

We are looking for a Lead Threat Intelligence Analyst. In this role, you'll be a...
Location:
United States, New York
Salary:
133900.00 - 198160.00 USD / Year
Take-Two Interactive Software, Inc.
Expiration Date:
Until further notice
Requirements:
  • At least 5-7 years of experience in cybersecurity
  • Minimum of 3 years in a dedicated threat intelligence role
  • Strong understanding of the cyber threat landscape, including knowledge of threat actor groups, common attack vectors, and malware families
  • Proven ability to analyze complex data from various sources (e.g., open-source intelligence, dark web forums, technical reports) to form a cohesive threat picture
  • Familiarity with common threat intelligence frameworks like MITRE ATT&CK, the Cyber Kill Chain, and Diamond Model
  • Excellent written and verbal communication skills, with the ability to present technical information clearly to both technical and non-technical audiences
  • Experience with threat intelligence platforms (TIPs), security information and event management (SIEM) systems, and forensic tools
Job Responsibility:
  • Lead the design, development, and continuous improvement of the organization’s cyber threat intelligence (CTI) program
  • Perform deep-dives into cyber threats, including analyzing malware, understanding adversary tactics, techniques, and procedures (TTPs), and tracking threat actor groups
  • Create and refine threat models and frameworks to predict and prepare for potential attacks
  • Work with our Global Security Operations Center (GSOC), Detection Engineering, Automation Engineers and Incident Response teams to integrate threat intelligence into our detection and prevention systems
  • Generate timely and high-quality intelligence/Threat Landscape reports, risk forecasts and alerts for technical and executive audiences
  • Promote automation of indicator ingestion, correlation, and dissemination across GSOC, Automation and IR platforms
  • Define and track key performance indicators (KPIs) for the threat intelligence program
  • Conduct periodic maturity assessments of the threat intelligence function
  • Provide guidance and mentorship to junior analysts
What we offer:
  • Medical (HSA & FSA)
  • dental
  • vision
  • 401(k) with company match
  • employee stock purchase plan
  • commuter benefits
  • in-house wellness program
  • broad learning & development opportunities
  • a charitable giving platform with company match
  • Fitness allowance
Work Type:
Fulltime