Threat Detections Engineer II

Clear

Location:
United States, Austin

Contract Type:
Not provided

Salary:

Not provided

Job Description:

We’re looking for a thoughtful and driven Threat Detection Engineer II to help strengthen CLEAR’s cyber defense capabilities. In this role, you’ll turn threat insights into meaningful action by designing, building, and refining the detections that keep our systems secure. You’ll spend your time developing reliable, high-quality detection logic, tuning existing rules to reduce noise, and automating key parts of the detection lifecycle so our teams can respond faster and more effectively.

Job Responsibility:

  • Design, implement, and tune custom detections that identify malicious or anomalous activity across a wide range of data sources
  • Translate threat intelligence, incident learnings, and emerging trends into high-impact detection logic
  • Partner closely with Threat Intelligence, Incident Response, Automation, and other security teams to operationalize new detections, refine response strategies, and improve overall signal fidelity
  • Continuously assess detection performance by analyzing false positives, coverage gaps, and visibility across critical assets
  • Support and expand automation efforts across the detection lifecycle—including development, validation, deployment, and routine maintenance
  • Document detection logic, workflows, and data sources clearly and consistently
  • Map detection coverage to frameworks like MITRE ATT&CK and contribute to reducing measurable gaps over time

Requirements:

  • Building, tuning, and validating detections in SIEM or cloud-native environments
  • Strong understanding of networking, identity, endpoint telemetry, and modern attack techniques
  • Spotting patterns across network, endpoint, identity, and cloud data
  • Writing clear, scalable detection logic using rule languages, scripting, automation frameworks, and Detection-as-Code practices
  • Collaborating across security functions and communicating effectively
  • Staying curious, adaptable, and detail-oriented
  • Hands-on experience with tools such as Google Chronicle, YARA/YARA-L, BigQuery, SOAR platforms, and scripting languages like Python
  • 3–5 years of experience in security operations or detection engineering
  • Familiarity with frameworks like MITRE ATT&CK and Sigma
  • Leveraging relevant certifications (e.g., CISSP, Sec+) when helpful, though not required

What we offer:
  • Meals and snacks in offices
  • Stipend and reimbursement programs for well-being and learning & development
  • Comprehensive healthcare plans
  • Family building benefits (fertility and adoption/surrogacy support)
  • Flexible time off
  • Free OneMedical memberships for you and your dependents
  • 401(k) retirement plan with employer match
  • Restricted Stock Units

Additional Information:

Job Posted:
December 07, 2025

Employment Type:
Fulltime
Work Type:
On-site work