Senior Detection Engineer

Location: United States, Chicago · Salary: 126000.00 - 154000.00 USD / Year · Job Posted February 13, 2026

Job Description

As our next Senior Detection Engineer, you won’t just be monitoring dashboards—you’ll be at the forefront of building our security operations as code. You will lead the charge in architecting scalable detection systems and developing the automation that defines how we protect our infrastructure. This is a technical, hands-on role combining security engineering, automation development, and strategic incident response where your technical decisions directly shape how we detect, investigate, and respond to threats at scale. You won’t just be managing alerts; you’ll be shaping the very trajectory of our security posture in a lean, engineering-first environment.

Job Responsibility

  • Design and deploy sophisticated detection logic across our entire technology stack, applying detection-as-code principles in languages such as YARA-L, Sigma, and KQL
  • Build automated response workflows that independently enrich, triage, and remediate security alerts, effectively eliminating manual toil through advanced SOAR principles
  • Investigate complex security signals—such as novel attack patterns or phishing campaigns—that require deep human judgment and strategic intuition
  • Collaborate cross-functionally with DevOps and Security Engineering teams to adapt detection logic to infrastructure changes before security blind spots can emerge
  • Leverage AI and LLMs as force multipliers to accelerate threat hunting, generate new detection hypotheses, and automate repetitive investigative tasks
  • Lead post-incident reviews with engineering partners, transforming security findings into preventative architectural changes that harden our long-term defense
  • Prototype and test emerging detection capabilities and data sources, ensuring we stay ahead of the threat landscape while participating in an on-call rotation to defend our most critical systems

Requirements

  • 5+ years of hands-on experience in detection engineering, incident response, or security operations within high-growth technology environments
  • Advanced programming proficiency in Python, with a proven ability to build production-quality security automations and custom integrations from scratch
  • Deep expertise in Cloud Security (AWS), including a comprehensive understanding of IAM, VPC, CloudTrail, and Lambda attack vectors
  • Mastery of detection logic in at least two major languages, such as YARA-L, Sigma, KQL, or SPL
  • A track record of building SOAR workflows or equivalent automation platforms that measurably reduce operational overhead at scale
  • Exceptional communication skills, with the ability to distill complex security risks into actionable insights and influence technical decisions across the organization
  • Experience using AI/LLMs as a strategic tool for threat analysis, investigation automation, and increasing the velocity of security work
  • A self-directed, engineering-first mindset, ideally with a background in SRE, DevOps, or platform engineering and a history of contributing to open-source security projects

What we offer

  • Comprehensive Health & Wellness: Top-tier benefits package that includes a fully covered High Deductible Health Plan (HDHP), complimentary access to telehealth services, and a free subscription to Calm
  • Growth & Development: Access to LinkedIn Learning, professional development programs, and career growth opportunities in a fast-growing organization
  • Generous Paid Time Off: Recharge and take the time you need to maintain work-life balance with open PTO
  • Total Rewards: Generous 401(k) matching with immediate vesting, quarterly perks with commuter and lunch benefits for hub-based employees or a stipend for remote workers, and a four-week paid sabbatical with bonus after five years
  • Collaborative Culture: Work alongside brilliant, passionate colleagues in an environment that values innovation, teamwork, and mutual support

Similar Jobs for Senior Detection Engineer (8 matching positions)

Detection Engineer, Senior

We’re looking for a self‑motivated, hands‑on self‑starter who thrives in environ...
Location: United States, Fort Meade
Salary: 77600.00 - 176000.00 USD / Year
Company: Booz Allen Hamilton
Expiration Date: Until further notice
Requirements
  • 5+ years of experience in a security engineering function, such as detection engineering, SOC analytics, or threat hunting
  • Experience contributing to shared rule and detection repositories
  • Experience authoring detections in two or more of the following: Sigma, YARA, Suricata, Splunk SPL, KQL, or SQL/DB‑SQL
  • Experience applying Detection‑as‑Code (DaC) best practices, such as Git workflows, pull requests, automated linting, CI pipelines, unit tests, and metadata enforcement
  • Experience with detection versioning, semantic versioning, changelogs, and ruleset lifecycle management
  • Experience building detections across multiple log sources and platforms, such as EDR/XDR, SIEM, cloud telemetry, and identity providers
  • Demonstrated ability to map detections to MITRE ATT&CK techniques and communicate coverage effectively to stakeholders
  • Ability to communicate detection logic clearly, document rationale, and collaborate with SOC, IR, and engineering partners
  • Ability to obtain a Secret clearance
  • HS diploma or GED
Job Responsibility
  • Design, build, test, and maintain production‑grade detections across diverse data sources—endpoint, network, identity, SaaS, and cloud—while applying Detection‑as‑Code (DaC) practices to ensure consistency, scalability, versioning, and automation
  • Collaborate closely with incident responders, hunters, and platform engineers to map rules to MITRE ATT&CK, maintain coverage dashboards, and continuously iterate on fidelity and performance
What we offer
  • Health, life, disability, financial, and retirement benefits
  • Paid leave
  • Professional development
  • Tuition assistance
  • Work-life programs
  • Dependent care
  • Recognition awards program

Senior Cyber Detection Engineer (SIEM)

Zachary Piper Solutions is seeking a Senior Cyber Detection Engineer (SIEM) to s...
Location: United States, Springfield
Salary: 135000.00 - 150000.00 USD / Year
Company: Piper Companies
Expiration Date: Until further notice
Requirements
  • Active TS/SCI with CI Polygraph required
  • Bachelor’s degree from an accredited college in a related discipline and 5+ years of prior relevant experience
  • IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) certification required
  • Proficient in modern operating systems, including Windows, UNIX, network OS environments, databases, and virtualized computing platforms
  • Experienced with enterprise-grade security tools, such as Security Information and Event Management (SIEM) systems (specifically Splunk), Threat Intelligence Platforms (TIPs), and network monitoring solutions
  • Skilled in developing, modifying, and fine-tuning detection mechanisms, including IDS signatures and SIEM correlation rules
  • Knowledgeable in implementing cybersecurity countermeasures and mitigation strategies to reduce risk and enhance system resilience
Job Responsibility
  • Support Cyber Operations Squadron (COS) efforts by ensuring timely publication of updated cybersecurity tool signatures, including antivirus and host-based security systems
  • Conduct in-depth threat analysis, including reverse engineering of malware, to uncover critical details such as origin, target, impacted systems, recommended mitigations, and mission risk
  • Develop custom content for Security Information and Event Management (SIEM) tools and create tailored IDS/IPS signatures to counter specific threats
  • Correlate security events and incidents using data from diverse enterprise sources to identify patterns and potential threats
  • Assess the impact of cyber incidents on data and infrastructure, providing detailed evaluations of damage and recovery needs
  • Perform trend analysis and reporting on cyber incidents to identify recurring threats and inform proactive defense strategies
  • Analyze network traffic and system data to detect anomalies and potential security threats
  • Deliver real-time detection, identification, and reporting of cyber intrusions, suspicious activities, and policy violations
  • Create and implement detection rules
What we offer
  • Full Benefits: PTO
  • 11 Paid Holidays
  • Cigna Medical, Dental, and Vision
  • 401k with ADP
  • Certification reimbursement
  • Contract mobility and job stability – Contract through 2026
  • Fulltime

Senior SIEM Detection Engineer

We are seeking an experienced Senior SIEM Detection Engineer to design, implemen...
Location: United States, Austin
Salary: Not provided
Company: Dutech Systems
Expiration Date: Until further notice
Requirements
  • 8+ years of experience in SIEM, cybersecurity, or detection engineering
  • Strong expertise in SIEM detection engineering and alert optimization
  • Experience with log source integration and data normalization
  • Hands-on experience with CrowdStrike SIEM and dashboard development
  • Proven ability in documentation, reporting, and knowledge transfer
  • Strong experience in stakeholder engagement and executive communication
Job Responsibility
  • Design and develop SIEM detection rules and alerting mechanisms
  • Optimize alerts to reduce false positives and improve detection accuracy
  • Integrate and onboard log sources across enterprise systems
  • Perform data normalization and parsing to ensure consistent log analysis
  • Build and maintain dashboards and reports for security monitoring and executive visibility
  • Work hands-on with CrowdStrike SIEM for detection and dashboard development
  • Collaborate with security and IT teams to enhance threat detection capabilities
  • Document processes, detection logic, and operational procedures
  • Communicate findings and insights to technical teams and executive stakeholders
  • Support continuous improvement of SIEM performance and security monitoring strategies

Senior Detection & Response Engineer

Activision is seeking a Senior Detection and Response Engineer to help protect o...
Location: United States of America, Playa Vista
Salary: 101000.00 - 186754.00 USD / Year
Company: Activision
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree in Computer Science, Information Security, or equivalent practical experience
  • 5+ years of progressively accountable experience
  • Hands‑on experience in threat detection, security operations, and incident response
  • Strong understanding of the modern threat landscape, attacker tactics, techniques, and procedures
  • Proven ability to detect, triage, investigate, and respond to security incidents in enterprise environments
  • Experience performing detailed log analysis, correlation, and investigative triage
  • Strong written and verbal communication skills
  • Ability to work independently and collaboratively
  • Willingness to participate in an on‑call rotation and provide off‑hours support
  • Fluency in English
Job Responsibility
  • Detect, investigate, and respond to security incidents across cloud, corporate, and production environments
  • Monitor and analyze security telemetry and audit logs to identify anomalous activity
  • Perform alert triage, in‑depth investigation, and forensic analysis across the full incident lifecycle
  • Execute endpoint, identity, cloud, and malware investigations
  • Develop, refine, and tune threat detections within the SIEM
  • Enhance investigation and response efficiency through automation, SOAR workflows, scripting, and advanced analytics
  • Contribute to TDIR procedures, playbooks, runbooks, documentation, and operational metrics
  • Collaborate closely with engineering teams, business stakeholders, and vendors
  • Participate in an on‑call rotation and provide off‑hours support
  • Communicate investigation findings clearly and effectively
What we offer
  • Medical, dental, vision, health savings account or health reimbursement account, healthcare spending accounts, dependent care spending accounts, life and AD&D insurance, disability insurance
  • 401(k) with Company match, tuition reimbursement, charitable donation matching
  • Paid holidays and vacation, paid sick time, floating holidays, compassion and bereavement leaves, parental leave
  • Mental health & wellbeing programs, fitness programs, free and discounted games, and a variety of other voluntary benefit programs like supplemental life & disability, legal service, ID protection, rental insurance, and others
  • Relocation assistance if required to move
  • Fulltime

Senior Security Engineer, Detection and Response

As a Senior Security Engineer on the Detection & Response team, you will play a ...
Location: United States; Canada
Salary: 156000.00 - 210000.00 USD; CAD / Year
Company: 1Password
Expiration Date: Until further notice
Requirements
  • 5+ years of experience in security technical engineering roles
  • 3+ years focused on security operations, detection engineering or incident response
  • Hands-on experience with detection engineering and automation, including SIEMs, SOAR platforms, behavior analytics, and Detection-as-Code workflows
  • Strong understanding of modern attacker techniques and how they apply to cloud-native, SaaS, and identity-centric environments
  • Experience with endpoint, runtime, and forensic tools across multiple operating systems
  • Knowledge of cloud environments (e.g., AWS, GCP) and security best practices for cloud-native systems
  • Proficiency with scripting and infrastructure tools (e.g., Python, Bash, Terraform, CI/CD pipelines) to support automation and internal tooling
  • Strong written and verbal communication skills, with the ability to explain complex security issues to both technical and non-technical audiences
Job Responsibility
  • Design, build, and continuously improve threat detections across 1Password’s infrastructure, products, internal tools, and corporate environments
  • Lead and support security incident response activities, including investigation, containment, remediation, and post-incident learning
  • Apply threat intelligence and knowledge of attacker TTPs to detection development, threat hunting, alert triage, and response prioritization
  • Collaborate with Security, Infrastructure, and IT teams to improve security visibility, logging quality, and response readiness
  • Use automation, scripting, and Detection-as-Code practices to scale detection and response workflows and improve reliability
  • Own end-to-end security projects aligned with Detection & Response initiatives and broader security strategy
  • Participate in a shared on-call rotation and support high-severity incidents as needed
  • Contribute to operational maturity through playbooks, mentoring, tabletop exercises, audits, and cross-functional initiatives
What we offer
  • Health benefits
  • Dental benefits
  • 401k
  • RRSP
  • Generous PTO
  • Equity grant
  • Incentive programs
  • Maternity and parental leave top-up programs
  • RSU program for most employees
  • Retirement matching program
  • Fulltime

Senior Logging & Detection Engineer

We are currently seeking a Senior Logging & Detection Engineer to lead the techn...
Location: Canada, Vancouver; Calgary; Toronto
Salary: 146200.00 - 197800.00 CAD / Year
Company: Clio
Expiration Date: Until further notice
Requirements
  • Senior-level expertise building and scaling enterprise-grade detection capabilities and security monitoring systems
  • Expert-level query language proficiency in at least two of the following: Elasticsearch/Lucene, SQL, KQL (Kusto), or SPL (Splunk), demonstrating advanced optimization techniques
  • Extensive Detection Engineering experience owning the full lifecycle of rules, alerts, and automated response workflows within a SIEM/SOAR environment
  • Advanced log analysis skills across diverse, large-scale data sources, including multi-cloud logs (AWS, Azure, GCP), network flows, and advanced security tool outputs
  • Deep dashboard and visualization expertise with tools like Kibana, Grafana, or Tableau, specifically for security metrics and executive reporting
  • Proven expertise in leading threat hunting efforts using log data to proactively identify and track sophisticated threats and anomalous behavior across the environment
  • Senior-level scripting and automation abilities (Python/Go/PowerShell), used to build custom tools, manage APIs, and drive detection automation at scale
  • Architectural experience integrating and optimizing SIEM platforms, SOAR tools, and security orchestration systems
  • Expert performance optimization skills covering query tuning, index design, data partitioning, and overall resource-efficient analytics on big data
  • Significant incident response experience providing expert-level technical analysis and forensic support during major security incidents
Job Responsibility
  • Lead the design and implementation of sophisticated, production-ready detection rules and queries across the ELK stack, security data lakes, and multi-cloud logging platforms
  • Architect and optimize complex search queries, aggregations, and analytics dashboards for high-velocity security monitoring, focusing on performance and cost efficiency
  • Design and build automated detection and response workflows (SOAR), ensuring seamless and reliable integration with critical incident response systems
  • Serve as the primary liaison with the threat intelligence team, developing and owning the framework to translate intelligence into scalable, actionable detection capabilities (e.g., MITRE ATT&CK coverage)
  • Establish and maintain a robust detection rule library, query templates, and lead the creation of security analytics playbooks for the wider team
  • Drive performance optimization and resource utilization strategies across petabyte-scale log datasets, including index design and data tiering
  • Develop and standardize custom visualizations, dashboards, and executive reporting capabilities for security stakeholders
  • Lead complex threat hunting operations, mentor junior team members on investigative techniques, and proactively refine detection logic to achieve near-zero false positive rates
  • Collaborate closely with the platform team to define the logging architecture roadmap based on future detection requirements and security observability goals
  • Proactively research emerging threats and attack patterns, translating novel techniques into strategic, forward-looking detection logic and advising security leadership
What we offer
  • Top-tier health benefits, dental, and vision insurance
  • Hybrid work environment
  • Flexible time off policy, with an encouraged 20 days off per year
  • $2000 annual counseling benefit
  • RRSP matching and RESP contribution
  • Clioversary recognition program with special acknowledgement at 3, 5, 7, and 10 years
  • Fulltime

Business Consulting-Fraud Detection UAT Senior Test Engineer

The Senior UAT Test Engineer will lead end-to-end User Acceptance Testing (UAT) ...
Location: India, Bangalore
Salary: Not provided
Company: NTT DATA
Expiration Date: Until further notice
Requirements
  • 6–10 years of experience in BFSI testing with significant UAT experience
  • Strong domain expertise in Fraud Detection, AML, Risk, or Financial Crime systems
  • Proven experience in validating fraud rules engines and transaction monitoring systems
  • Strong understanding of end-to-end payment flows and fraud risk controls
  • Hands-on experience with defect management tools (e.g., JIRA, ALM)
  • Ability to lead UAT cycles and manage multiple stakeholders
  • Excellent analytical skills for fraud pattern identification and validation
  • Strong communication, leadership, and stakeholder management skills
  • Experience in Agile, Scrum, or hybrid delivery models
Job Responsibility
  • Lead UAT planning, strategy, and execution for Fraud Detection systems
  • Define UAT scope, test approach, timelines, and entry/exit criteria
  • Review and validate business requirements, fraud rules, and detection logic
  • Oversee design and execution of complex UAT scenarios, including high-risk fraud cases
  • Validate end-to-end transaction monitoring, alert generation, scoring, and case management workflows
  • Ensure accuracy of fraud detection outcomes and minimize false positives/negatives
  • Drive defect management lifecycle: triage, prioritization, root cause analysis, and closure
  • Collaborate closely with business stakeholders, SMEs, and product owners for sign-offs
  • Ensure compliance with regulatory standards (AML, KYC, PCI-DSS, etc.)
  • Provide insights and recommendations to improve fraud detection effectiveness and UAT processes