
Principal Threat Detection Engineer - Blue Team

CVS Health (https://www.cvshealth.com/)

Location:
United States, New York


Contract Type:
Not provided


Salary:

144200.00 - 288400.00 USD / Year
Job offer has expired

Job Description:

We’re building a world of health around every individual — shaping a more connected, convenient and compassionate health experience. At CVS Health®, you’ll be surrounded by passionate colleagues who care deeply, innovate with purpose, hold ourselves accountable and prioritize safety and quality in everything we do. Join us and be part of something bigger – helping to simplify health care one person, one family and one community at a time.

Position Summary

The Principal Threat Detection Engineer serves as a senior, highly technical individual contributor responsible for the design, implementation, and continuous evolution of advanced threat detection capabilities across the enterprise. This role owns the development and optimization of detection logic leveraging Microsoft Security tooling, CrowdStrike, Splunk Cloud, Cribl, and related SOC platforms to identify sophisticated adversary activity spanning endpoint, network, and cloud environments. A core focus of the role is proactive threat hunting and the identification of behavioral indicators that improve visibility into novel and emerging attack techniques.

In this capacity, the Principal Threat Detection Engineer leads detection engineering strategy and execution, building, tuning, and automating high-fidelity alerts using SIEM and analytics platforms such as Splunk Cloud, Microsoft Sentinel, and Cribl. The role applies deep knowledge of query languages (including KQL) and custom detection logic to reduce noise, improve precision, and increase analyst efficiency. Detection capabilities are continuously iterated based on adversary tradecraft, environmental changes, and lessons learned from active investigations and simulations.
The role operates at the intersection of offensive and defensive security, collaborating closely with threat hunting, incident response, and purple team partners to translate adversary emulation and penetration testing findings into actionable detection improvements aligned to the MITRE ATT&CK framework. The position integrates threat intelligence and supports active incident investigations by providing insight into attacker behavior and detection blind spots. Through continuous innovation and a strong understanding of regulatory and compliance considerations (e.g., PCI-DSS, HIPAA, NIST, ISO 27001), the Principal Threat Detection Engineer strengthens the organization’s overall detection maturity and cyber resilience.

Job Responsibility:

  • Design, deploy, and continuously optimize high‑fidelity detections across SIEM platforms including Microsoft Sentinel, Splunk Cloud, and Cribl
  • Lead proactive threat hunting using Microsoft Defender, CrowdStrike, and other SOC tools to identify advanced and emerging adversary activity
  • Develop custom detection logic and automation using KQL, SPL, and scripting, iterating based on threat intelligence and environmental changes
  • Design and execute adversary emulation and purple team exercises to evaluate and improve detection and response effectiveness
  • Partner with defensive teams to translate offensive findings into actionable improvements aligned to the MITRE ATT&CK framework
  • Support penetration testing efforts and produce actionable assessments highlighting detection gaps and remediation opportunities
  • Integrate internal and external threat intelligence into detection strategies to prioritize risk and adapt alert logic
  • Support active incident investigations by providing insight into adversary tactics, detection blind spots, and response opportunities
  • Contribute to the development of enterprise‑wide threat detection strategy aligned with risk management objectives
  • Communicate detection coverage, gaps, and effectiveness to security leadership through clear, actionable reporting

Requirements:

  • 10+ years of experience in threat detection, hunting, penetration testing, and/or offensive security
  • 7+ years of experience in Microsoft Security tools (Defender for Endpoint, Sentinel), CrowdStrike, Splunk Cloud, and Cribl
  • 5+ years of experience with KQL, SPL, Python, PowerShell, or Bash scripting for automation and detection logic

Nice to have:

  • Relevant certifications such as OSCP, GCIH, GCIA, CISSP, CEH, or Microsoft Azure Certification
  • Experience in managing or participating in purple team exercises
  • Familiarity with compliance standards like PCI-DSS, HIPAA, or ISO 27001
  • Strong understanding of the MITRE ATT&CK framework and security standards (NIST, CIS)
  • Strong communication skills to convey complex security issues to non-technical stakeholders

What we offer:

  • Medical, dental, and vision coverage
  • Paid time off
  • Retirement savings options
  • Wellness programs
  • Bonus, commission or short-term incentive program
  • Equity award program

Additional Information:

Job Posted:
May 05, 2026

Expiration:
May 11, 2026

Employment Type:
Fulltime

Work Type:
Remote work
