Senior Logging & Detection Engineer

Canada, Vancouver 146200.00 - 197800.00 CAD / Year · Job Posted December 26, 2025
Job Description

We are currently seeking a Senior Logging & Detection Engineer to lead the technical direction within our rapidly growing Security team and our new Logging Engineering team. This role is for a seasoned professional passionate about building sophisticated, scalable detection architectures, mastering efficient queries at petabyte scale, and driving strategic security analytics through log data. You will own the detection and analysis layer of our logging platform, serving as the domain expert who makes a tangible, high-impact difference to our security monitoring capabilities.

Job Responsibility

  • Lead the design and implementation of sophisticated, production-ready detection rules and queries across the ELK stack, security data lakes, and multi-cloud logging platforms
  • Architect and optimize complex search queries, aggregations, and analytics dashboards for high-velocity security monitoring, focusing on performance and cost efficiency
  • Design and build automated detection and response workflows (SOAR), ensuring seamless and reliable integration with critical incident response systems
  • Serve as the primary liaison with the threat intelligence team, developing and owning the framework to translate intelligence into scalable, actionable detection capabilities (e.g., MITRE ATT&CK coverage)
  • Establish and maintain a robust detection rule library, query templates, and lead the creation of security analytics playbooks for the wider team
  • Drive performance optimization and resource utilization strategies across petabyte-scale log datasets, including index design and data tiering
  • Develop and standardize custom visualizations, dashboards, and executive reporting capabilities for security stakeholders
  • Lead complex threat hunting operations, mentor junior team members on investigative techniques, and proactively refine detection logic to achieve near-zero false positive rates
  • Collaborate closely with the platform team to define the logging architecture roadmap based on future detection requirements and security observability goals
  • Proactively research emerging threats and attack patterns, translating novel techniques into strategic, forward-looking detection logic and advising security leadership

Requirements

  • Senior-level expertise building and scaling enterprise-grade detection capabilities and security monitoring systems
  • Expert-level query language proficiency in at least two of the following: Elasticsearch/Lucene, SQL, KQL (Kusto), or SPL (Splunk), demonstrating advanced optimization techniques
  • Extensive Detection Engineering experience owning the full lifecycle of rules, alerts, and automated response workflows within a SIEM/SOAR environment
  • Advanced log analysis skills across diverse, large-scale data sources, including multi-cloud logs (AWS, Azure, GCP), network flows, and advanced security tool outputs
  • Deep dashboard and visualization expertise with tools like Kibana, Grafana, or Tableau, specifically for security metrics and executive reporting
  • Proven expertise in leading threat hunting efforts using log data to proactively identify and track sophisticated threats and anomalous behavior across the environment
  • Senior-level scripting and automation abilities (Python/Go/PowerShell), used to build custom tools, manage APIs, and drive detection automation at scale
  • Architectural experience integrating and optimizing SIEM platforms, SOAR tools, and security orchestration systems
  • Expert performance optimization skills covering query tuning, index design, data partitioning, and overall resource-efficient analytics on big data
  • Significant incident response experience providing expert-level technical analysis and forensic support during major security incidents

Nice to have

  • Strategic experience with advanced analytics, machine learning, or statistical modeling for security, such as User and Entity Behavior Analytics (UEBA) or predictive threat modeling
  • Multi-platform security architecture experience across major cloud environments (AWS CloudTrail, Azure Activity Logs, GCP Audit Logs)
  • Deep, practical experience building custom detection content mapped directly to the MITRE ATT&CK framework, including coverage gap analysis
  • Industry-recognized security certifications such as GCTI, GCFA, GNFA, or CISSP
  • Track record of open source contributions to detection rule repositories, security analytics tools, or SIEM content
  • Data science or advanced mathematics background with direct experience in anomaly detection, clustering, or predictive analytics for security
  • Expert API integration skills for automated, real-time threat intelligence ingestion and centralized detection rule management
  • Cloud security analytics mastery utilizing cloud-native security services (e.g., Security Hub, Defender for Cloud) and serverless detection architectures
  • Compliance and reporting leadership experience building analytics and dashboards for regulatory requirements (e.g., SOC 2, ISO 27001) and defining key security metrics

What we offer

  • Top-tier health benefits, dental, and vision insurance
  • Hybrid work environment
  • Flexible time off policy, with an encouraged 20 days off per year
  • $2000 annual counseling benefit
  • RRSP matching and RESP contribution
  • Clioversary recognition program with special acknowledgement at 3, 5, 7, and 10 years

Similar Jobs for Senior Logging & Detection Engineer

8 matching positions

Detection Engineer, Senior

We’re looking for a self‑motivated, hands‑on self‑starter who thrives in environ...
Location: United States, Fort Meade
Salary: 77600.00 - 176000.00 USD / Year
Booz Allen Hamilton
Expiration Date: Until further notice

Requirements
  • 5+ years of experience in a security engineering function, such as detection engineering, SOC analytics, or threat hunting
  • Experience contributing to shared rule and detection repositories
  • Experience authoring detections in two or more of the following: Sigma, YARA, Suricata, Splunk SPL, KQL, or SQL/DB‑SQL
  • Experience applying Detection‑as‑Code (DaC) best practices, such as Git workflows, pull requests, automated linting, CI pipelines, unit tests, and metadata enforcement
  • Experience with detection versioning, semantic versioning, changelogs, and ruleset lifecycle management
  • Experience building detections across multiple log sources and platforms, such as EDR/XDR, SIEM, cloud telemetry, and identity providers
  • Demonstrated ability to map detections to MITRE ATT&CK techniques and communicate coverage effectively to stakeholders
  • Ability to communicate detection logic clearly, document rationale, and collaborate with SOC, IR, and engineering partners
  • Ability to obtain a Secret clearance
  • HS diploma or GED
Job Responsibility
  • Design, build, test, and maintain production‑grade detections across diverse data sources—endpoint, network, identity, SaaS, and cloud—while applying Detection‑as‑Code (DaC) practices to ensure consistency, scalability, versioning, and automation
  • Collaborate closely with incident responders, hunters, and platform engineers to map rules to MITRE ATT&CK, maintain coverage dashboards, and continuously iterate on fidelity and performance
What we offer
  • Health, life, disability, financial, and retirement benefits
  • Paid leave
  • Professional development
  • Tuition assistance
  • Work-life programs
  • Dependent care
  • Recognition awards program

Senior SIEM Detection Engineer

We are seeking an experienced Senior SIEM Detection Engineer to design, implemen...
Location: United States, Austin
Salary: Not provided
Dutech Systems
Expiration Date: Until further notice

Requirements
  • 8+ years of experience in SIEM, cybersecurity, or detection engineering
  • Strong expertise in SIEM detection engineering and alert optimization
  • Experience with log source integration and data normalization
  • Hands-on experience with CrowdStrike SIEM and dashboard development
  • Proven ability in documentation, reporting, and knowledge transfer
  • Strong experience in stakeholder engagement and executive communication
Job Responsibility
  • Design and develop SIEM detection rules and alerting mechanisms
  • Optimize alerts to reduce false positives and improve detection accuracy
  • Integrate and onboard log sources across enterprise systems
  • Perform data normalization and parsing to ensure consistent log analysis
  • Build and maintain dashboards and reports for security monitoring and executive visibility
  • Work hands-on with CrowdStrike SIEM for detection and dashboard development
  • Collaborate with security and IT teams to enhance threat detection capabilities
  • Document processes, detection logic, and operational procedures
  • Communicate findings and insights to technical teams and executive stakeholders
  • Support continuous improvement of SIEM performance and security monitoring strategies

Senior Detection & Response Engineer

Activision is seeking a Senior Detection and Response Engineer to help protect o...
Location: United States of America, Playa Vista
Salary: 101000.00 - 186754.00 USD / Year
Activision
Expiration Date: Until further notice

Requirements
  • Bachelor’s degree in computer science, Information Security, or equivalent practical experience
  • 5+ years of progressively accountable experience
  • Hands‑on experience in threat detection, security operations, and incident response
  • Strong understanding of the modern threat landscape, attacker tactics, techniques, and procedures
  • Proven ability to detect, triage, investigate, and respond to security incidents in enterprise environments
  • Experience performing detailed log analysis, correlation, and investigative triage
  • Strong written and verbal communication skills
  • Ability to work independently and collaboratively
  • Willingness to participate in an on‑call rotation and provide off‑hours support
  • Fluency in English
Job Responsibility
  • Detect, investigate, and respond to security incidents across cloud, corporate, and production environments
  • Monitor and analyze security telemetry and audit logs to identify anomalous activity
  • Perform alert triage, in‑depth investigation, and forensic analysis across the full incident lifecycle
  • Execute endpoint, identity, cloud, and malware investigations
  • Develop, refine, and tune threat detections within the SIEM
  • Enhance investigation and response efficiency through automation, SOAR workflows, scripting, and advanced analytics
  • Contribute to TDIR procedures, playbooks, runbooks, documentation, and operational metrics
  • Collaborate closely with engineering teams, business stakeholders, and vendors
  • Participate in an on‑call rotation and provide off‑hours support
  • Communicate investigation findings clearly and effectively
What we offer
  • Medical, dental, vision, health savings account or health reimbursement account, healthcare spending accounts, dependent care spending accounts, life and AD&D insurance, disability insurance
  • 401(k) with Company match, tuition reimbursement, charitable donation matching
  • Paid holidays and vacation, paid sick time, floating holidays, compassion and bereavement leaves, parental leave
  • Mental health & wellbeing programs, fitness programs, free and discounted games, and a variety of other voluntary benefit programs like supplemental life & disability, legal service, ID protection, rental insurance, and others
  • Relocation assistance if required to move
  • Fulltime

Senior Security Engineer, Detection and Response

As a Senior Security Engineer on the Detection & Response team, you will play a ...
Location: United States; Canada
Salary: 156000.00 - 210000.00 USD; CAD / Year
1Password
Expiration Date: Until further notice

Requirements
  • 5+ years of experience in security technical engineering roles
  • 3+ years focused on security operations, detection engineering or incident response
  • Hands-on experience with detection engineering and automation, including SIEMs, SOAR platforms, behavior analytics, and Detection-as-Code workflows
  • Strong understanding of modern attacker techniques and how they apply to cloud-native, SaaS, and identity-centric environments
  • Experience with endpoint, runtime, and forensic tools across multiple operating systems
  • Knowledge of cloud environments (e.g., AWS, GCP) and security best practices for cloud-native systems
  • Proficiency with scripting and infrastructure tools (e.g., Python, Bash, Terraform, CI/CD pipelines) to support automation and internal tooling
  • Strong written and verbal communication skills, with the ability to explain complex security issues to both technical and non-technical audiences
Job Responsibility
  • Design, build, and continuously improve threat detections across 1Password’s infrastructure, products, internal tools, and corporate environments
  • Lead and support security incident response activities, including investigation, containment, remediation, and post-incident learning
  • Apply threat intelligence and knowledge of attacker TTPs to detection development, threat hunting, alert triage, and response prioritization
  • Collaborate with Security, Infrastructure, and IT teams to improve security visibility, logging quality, and response readiness
  • Use automation, scripting, and Detection-as-Code practices to scale detection and response workflows and improve reliability
  • Own end-to-end security projects aligned with Detection & Response initiatives and broader security strategy
  • Participate in a shared on-call rotation and support high-severity incidents as needed
  • Contribute to operational maturity through playbooks, mentoring, tabletop exercises, audits, and cross-functional initiatives
What we offer
  • Health benefits
  • Dental benefits
  • 401k
  • RRSP
  • Generous PTO
  • Equity grant
  • Incentive programs
  • Maternity and parental leave top-up programs
  • RSU program for most employees
  • Retirement matching program
  • Fulltime

Senior Detection and Response Engineer

The Senior Detection and Response Engineer is a critical technical role responsi...
Location: United States
Salary: 128000.00 - 161000.00 USD / Year
AlphaSense
Expiration Date: Until further notice

Requirements
  • 7+ years in security operations with 3+ years in detection engineering, including deep expertise in creating high-fidelity rules (SIGMA, YARA-L, KQL, SPL)
  • Proven track record of building detection strategies across SIEM, EDR, and Cloud platforms, grounded in the MITRE ATT&CK framework
  • Expert knowledge of SOAR platforms (e.g., Tines, Splunk SOAR, Cortex XSOAR), architecture, and complex playbook development
  • Proven experience designing and implementing SOAR platform architecture from concept to production
  • Advanced scripting and automation development skills in Python (required) for API integrations and security tool orchestration
  • Strong background in threat hunting methodology, hypothesis development, and campaign execution, with experience leading or co-leading hunting programs
  • Proficiency with data analysis, anomaly detection, and hands-on experience with hunting tools like Jupyter Notebooks, Osquery, and Velociraptor
  • Deep understanding of attack techniques, lateral movement, persistence mechanisms, and post-exploitation TTPs across Windows, Linux, and macOS
  • Familiarity with security frameworks including MITRE ATT&CK, PICERL, NIST CSF, and Detection Maturity Models, and incident response best practices
  • Proven ability to lead technical initiatives, mentor team members, and communicate complex technical concepts to diverse audiences
Job Responsibility
  • Design, implement, and maintain advanced detection rules and correlation logic across SIEM, EDR, and Cloud platforms (AWS, GCP)
  • Lead detection strategy and architecture aligned with the Detection Quality frameworks
  • Write high-fidelity detection rules using languages like SIGMA and YARA-L
  • Conduct deep log source analysis, perform threat modeling, adversary emulation, and maintain MITRE ATT&CK mapping coverage
  • Conduct detection gap analysis to identify coverage opportunities across the kill chain
  • Create and maintain detection playbooks, runbooks, and comprehensive documentation
  • Perform detection quality assessments and continuous improvement initiatives
  • Develop complex automated response playbooks for multi-stage incidents spanning multiple security tools
  • Integrate security tools via APIs (SIEM, EDR, MDM, CASB, ITSM, threat intelligence platforms)
  • Create automated enrichment pipelines incorporating threat intelligence, asset context, and user behavior analytics
What we offer
  • Performance-based bonus
  • Equity
  • A generous benefits program
  • Fulltime

Cyber Systems Engineer Senior Technical Specialist – Project Engineer

The Cyber Systems Engineer Project Management Technical Support provides support...
Location: United States, Westfields, Virginia
Salary: Not provided
Arcfield
Expiration Date: Until further notice

Requirements
  • BS 12-15, MS 10-13, PhD 10+
  • Must possess and be able to maintain a TS/SCI with Poly
  • Able to support customer’s core hours (0900-1500 Mon – Fri)
  • DoD 8570 certification in IAT or IAM
  • Experience with security operations, data analysis, threat detection, and the deployment and optimization of Splunk for enterprise security solutions
  • Understanding of Security Information and Event Management (SIEM) and log management
  • Experience supporting project management and acquisitions
  • Experience with customer’s Cybersecurity Processes and tools/capabilities to include Splunk
  • Experience in requirements analysis
Job Responsibility
  • Work collaboratively with the government customer and a small team of project managers and developers to ensure successful implementation of Splunk
  • Collaborate with the cyber operations group and act as the liaison between the group and developers to ensure Splunk requirements are understood and being met
  • Provide assessments to the customer on the cybersecurity contractor’s program performance.
  • Develop, maintain, and deliver acquisition artifacts to assist the customer in assessing contractor’s performance
  • Assist in the development of execution reviews, acquisition roadmaps and transition plans
  • Develop briefings and artifacts for acquisition Readiness Reviews
  • Provide technical recaps of customer meetings with cyber security contractors
  • Work closely with the customer Lead and stakeholders to execute contracts
  • Provide technical input for the development of acquisition documentation for review and approval by the customer to include Requests for Contract Action (RCA) packages, RFPs for Engineering Change Proposals (ECPs), and proposal analysis to support negotiation and award activities.
  • Assist in the development, review, and update of acquisition documents to ensure guidance for acquisitions is adequate and current.
  • Fulltime

Senior Engineer - Stablecoin

We are looking for a passionate Senior Engineer to join our growing Tech team, h...
Location: Serbia, Belgrade
Salary: Not provided
Sokin
Expiration Date: Until further notice

Requirements
  • 7+ years of software engineering experience, with 3+ years working directly with blockchain technology, infrastructure, exchanges, wallets
  • Deep understanding of major stablecoin mechanisms: fiat-collateralized (USDC, USDT), crypto-collateralized (DAI), and algorithmic models
  • Deep understanding of blockchain transactions, wallets, addresses, smart contract integrations and yield mechanics
  • Hands-on experience integrating with stablecoin APIs from 3rd party providers
  • Strong knowledge of EVM-compatible blockchains, TRON, Solana
  • A track record building and deploying production smart contracts
  • Senior-level proficiency in backend development (Nest.js/Node.js - must, Go, Rust – would be a plus)
  • Experience in creating basic smart contracts, integration of smart contracts, testing frameworks (Hardhat, Foundry, Truffle), and security auditing
  • Deep understanding of cryptographic primitives, key management (HSMs, MPC), and wallet infrastructure
  • Proficiency with event-driven architectures and distributed systems
Job Responsibility
  • Implement robust, scalable stablecoin infrastructure supporting multiple blockchains
  • Design and implement cross-chain bridge solutions and settlement mechanisms across Ethereum, Polygon, Stellar, Solana, and other Layer 1/Layer 2 networks
  • Build and maintain integrations with leading stablecoin protocols and their APIs using infrastructure providers like Infura, Alchemy, Quicknode, etc.
  • Develop and support integrations with EVM, Solana, Tron blockchains, smart contracts, DeFi protocols
  • Implement multi-signature wallet solutions and secure key management systems
  • Design and build integrations for real-time price feeds and reserves verification
  • Create automated monitoring and alerting systems for on-chain and off-chain stablecoin operations
  • Develop integrations with providers, traditional payment protocols and card systems
  • Build robust reconciliation and settlement connecting blockchain and banking rails
  • Implement transaction routing and fee optimization strategies
  • Fulltime

Senior Engineer- Artificial Intelligence

We’re looking for a seasoned Senior AI Engineer to join our growing AI team. In ...
Location: Canada, Toronto
Salary: 126090.00 - 140100.00 CAD / Year
Tucows
Expiration Date: Until further notice

Requirements
  • Bachelor’s or Master’s degree in Computer Science, Software Engineering, or related field
  • 5+ years of software engineering experience, with recent focus on AI/LLM systems
  • Advanced proficiency in Python and Golang
  • Strong knowledge of software design patterns (SOLID, DRY, CQRS, Saga, event-driven)
  • Deep understanding of the Software Development Life Cycle (SDLC)
  • Proven experience building distributed, highly available systems at scale
  • Strong system design expertise: APIs, async processing, backpressure, fault tolerance
  • Experience with event-driven systems (Kafka, RabbitMQ)
  • Strong engineering practices: TDD, CI/CD, code reviews, and technical debt management
  • Experience writing and communicating Architecture Decision Records (ADRs)
Job Responsibility
  • Lead the architecture and development of AI-driven features using Python and Golang
  • Own end-to-end delivery of LLM-based systems — from prototype to production — with a focus on scalability, reliability, and cost efficiency
  • Integrate and fine-tune open-source models (e.g., LLaMA, Mistral, Mixtral) and drive model selection and serving strategies
  • Research and champion emerging AI technologies aligned with product vision
  • Define and uphold architectural best practices through design and code reviews
  • Mentor junior and intermediate engineers, providing technical leadership on complex problems
  • Translate AI capabilities and constraints into clear business context for non-technical stakeholders
  • Shape responsible AI practices, including safety, privacy, and governance
  • Stay current with the open-source AI ecosystem and bring forward relevant innovations
What we offer
  • Generous benefits
  • Fair compensation
  • Remote-first work for the majority of roles
  • Reasonable accommodation for individuals with disabilities
  • Fulltime