CrawlJobs

Threat Detections Engineer II

Company:
Clear (clearme.com)

Location:
United States, Austin

Contract Type:
Not provided

Salary:
Not provided

Job Description:

We’re looking for a thoughtful and driven Threat Detection Engineer II to help strengthen CLEAR’s cyber defense capabilities. In this role, you’ll turn threat insights into meaningful action by designing, building, and refining the detections that keep our systems secure. You’ll spend your time developing reliable, high-quality detection logic, tuning existing rules to reduce noise, and automating key parts of the detection lifecycle so our teams can respond faster and more effectively.

Job Responsibility:

  • Design, implement, and tune custom detections that identify malicious or anomalous activity across a wide range of data sources
  • Translate threat intelligence, incident learnings, and emerging trends into high-impact detection logic
  • Partner closely with Threat Intelligence, Incident Response, Automation, and other security teams to operationalize new detections, refine response strategies, and improve overall signal fidelity
  • Continuously assess detection performance by analyzing false positives, coverage gaps, and visibility across critical assets
  • Support and expand automation efforts across the detection lifecycle—including development, validation, deployment, and routine maintenance
  • Document detection logic, workflows, and data sources clearly and consistently
  • Map detection coverage to frameworks like MITRE ATT&CK and contribute to reducing measurable gaps over time

Requirements:

  • Building, tuning, and validating detections in SIEM or cloud-native environments
  • Strong understanding of networking, identity, endpoint telemetry, and modern attack techniques
  • Spotting patterns across network, endpoint, identity, and cloud data
  • Writing clear, scalable detection logic using rule languages, scripting, automation frameworks, and Detection-as-Code practices
  • Collaborating across security functions and communicating effectively
  • Staying curious, adaptable, and detail-oriented
  • Hands-on experience with tools such as Google Chronicle, YARA/YARA-L, BigQuery, SOAR platforms, and scripting languages like Python
  • 3–5 years of experience in security operations or detection engineering
  • Familiarity with frameworks like MITRE ATT&CK and Sigma
  • Leveraging relevant certifications (e.g., CISSP, Sec+) when helpful, though not required

What we offer:
  • Meals and snacks in offices
  • Stipend and reimbursement programs for well-being and learning & development
  • Comprehensive healthcare plans
  • Family building benefits (fertility and adoption/surrogacy support)
  • Flexible time off
  • Free OneMedical memberships for you and your dependents
  • 401(k) retirement plan with employer match
  • Restricted Stock Units

Additional Information:

Job Posted:
December 07, 2025

Employment Type:
Fulltime

Work Type:
On-site work


Similar Jobs for Threat Detections Engineer II

Senior Security Operations Engineer II

As a Senior Security Operations Engineer, you’ll play a key role in ensuring the...
Location:
United States, Scottsdale
Salary:
Not provided
Company:
Axon (axon.com)
Expiration Date:
Until further notice
Requirements:
  • 7+ years of experience in operations, site reliability, or infrastructure engineering roles
  • Strong experience securing and managing cloud environments (e.g., AWS, Azure) and containerized workloads
  • Deep understanding of Linux systems, networking, distributed systems, and their associated security controls
  • Proficiency in automation, scripting, and security tooling integration to streamline operations and enforcement
  • Experience with security monitoring, alerting, SIEM platforms, and observability tools
  • Solid grasp of CI/CD practices with integrated security testing and compliance checks
  • Experience managing Kubernetes clusters and running containerized workloads in production
  • Experience with deploying and administering any of the following: scalable cloud-native secrets solutions such as AWS KMS or Azure KeyVault; PKI solutions such as EJBCA, Smallstep, or Venafi; or vaulting solutions such as HashiCorp Vault
Job Responsibility:
  • Implementing and improving automated security checks in CI/CD pipelines to prevent vulnerabilities from reaching production
  • Writing, reviewing, and maintaining security-focused infrastructure-as-code for scalable and compliant deployments
  • Investigating security incidents, performing root cause analysis, and implementing long-term mitigation strategies
  • Collaborating with developers to develop new features, services, and infrastructure requirements
  • Enhancing security observability through improved log collection, metrics, and alerting configurations
  • Maintaining and improving security runbooks, incident response playbooks, and internal security tooling for operational efficiency
  • Resolve security/infrastructure incidents by taking part in high-impact, high-visibility incidents, ideally as an incident commander
  • Maintain and secure critical infrastructure components such as PKI (Public Key Infrastructure) and IAM (Identity & Access Management) systems, ensuring reliability, scalability, and compliance with organizational and industry security standards
  • Build and maintain secure, reliable, and scalable infrastructure that protects core services and sensitive data
  • Troubleshoot and resolve complex operational and system-level issues across environments
What we offer:
  • Competitive salary and 401k with employer match
  • Discretionary paid time off
  • Paid parental leave for all
  • Medical, Dental, Vision plans
  • Fitness Programs
  • Emotional & Mental Wellness support
  • Learning & Development programs
  • Snacks in our offices
Employment Type:
Fulltime

Security Engineer II

The Security Engineer II is an individual contributor who will participate and m...
Location:
United States, Fountain Valley
Salary:
83940.00 - 120032.00 USD / Year
Company:
Hyundai AutoEver America (haeaus.com)
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s Degree in Computer Science, Information Systems, or related field, or equivalent experience
  • Minimum 3 years of IT relevant experience or equivalent combination of experience plus at least 1 year of experience performing Security Engineering/Planning/Operations, preferably with SIEM or vulnerability management
  • Experience in medium to complex computing environments, with advanced knowledge in security technologies and services
  • Hands-on experience with at least two or more of the following Enterprise Security Technologies:
      • Network Intrusion Prevention/Detection
      • Virtual Private Networks
      • SSL, IPSec, and Site-to-Site
      • Enterprise-Class Stateful Inspection Firewalls
      • Network Access Controls in context to Identity Management
      • Windows Server OS & Desktop OS
      • Network Packet Inspection
Job Responsibility:
  • Design, build, test, and deploy new security technologies, including the development of the operational manual and run books
  • Provide technical security operations engineering services to support and update existing security systems, and work to automate processes related to security implementations, monitoring, and enforcement
  • Investigate, recommend, evaluate, deploy, and integrate operational security tools (e.g., SIEM, vulnerability scanning) and techniques to enhance protection of corporate assets and infrastructure
  • Participate in technical risk assessments and security exposure analyses of systems, networks, and business applications
  • Analyze network security elements and overall network security architectural designs to ensure secure and optimal system and network performance and cost-effectiveness
  • Oversee the installation, configuration, and supportive processes of security technologies
  • Participate in or lead Incident Response activities
  • Interact with internal and external clients on security operations requirements, identify security processes, and develop strategies/solutions to security issues
  • Keep fully abreast of trends and changing technologies as they relate to IT, Network Engineering, and Information Security fields
  • Lead or assist in periodic or ad-hoc security reports that provide relevant situational awareness to our senior stakeholders
Employment Type:
Fulltime

Graph Researcher II

The Defender Experts (DEX) Research team is at the forefront of Microsoft’s thre...
Location:
India, Hyderabad
Salary:
Not provided
Company:
Microsoft Corporation (https://www.microsoft.com/)
Expiration Date:
Until further notice
Requirements:
  • 4+ years of experience in security research, detection engineering, threat lifecycle, or cloud security in large-scale, complex cloud environments
  • Strong understanding of graph theory, graph databases (e.g., Neo4j, TigerGraph), and graph analytics with proficiency in Python or similar languages for data analysis and prototyping
  • Experience working with large-scale datasets, distributed systems and graph analytics projects
  • Ability to translate complex threat data into graphs and actionable insights
  • Experience with machine learning or statistical modelling applied to graph data
  • Proven ability to lead and execute advanced research on emerging cloud-based threats affecting both Microsoft and third-party security products across heterogeneous cloud environments
  • Knowledge of adversary infrastructure tracking, malware analysis, or campaign clustering
  • Extensive hands-on experience with cloud platforms—including, but not limited to, Azure—as well as a deep understanding of multi-cloud security challenges and solutions
Job Responsibility:
  • Design and maintain scalable threat graphs that model entities such as devices, identity, threat actors, TTPs, infrastructure, and campaigns
  • Execute advanced research to develop algorithms and heuristics to detect malicious patterns and relationships within graph data on emerging cloud-based threats impacting Microsoft and third-party security products across heterogeneous cloud environments
  • Collaborate with threat protection researchers, data scientists, and detection engineers to enrich graph models with contextual insights and refine detection and response strategies, to provide comprehensive threat coverage and response capabilities
  • Research and prototype novel graph-based techniques for threat detection, attribution, and prioritization in collaboration with internal and external security teams
  • Translate complex raw security data into actionable graph intelligence that enhances the effectiveness of security operations for a global customer base
  • Mentor, guide, and drive best practices among researchers and detection engineers on advanced graph-based threat hunting and incident response across diverse ecosystems
  • Contribute to industry knowledge and Microsoft’s security posture by publishing research, developing threat graph models, and proactively identifying threats and attack trends in the cloud
Employment Type:
Fulltime

Security Analyst II

Security represents the most critical priorities for our customers in a world aw...
Location:
United States, Redmond
Salary:
100600.00 - 199000.00 USD / Year
Company:
Microsoft Corporation (https://www.microsoft.com/)
Expiration Date:
Until further notice
Requirements:
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 1+ year(s) experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 2+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
  • Active U.S. Government Top Secret Clearance with access to Sensitive Compartmented Information (SCI) based on a Single Scope Background Investigation (SSBI) with Polygraph
  • Ability to meet Microsoft, customer and/or government security screening requirements pre-offer and post-hire
  • Verification of U.S. citizenship
Job Responsibility:
  • Perform investigation on suspected vulnerable or compromised assets and services, and analyze log data and other artifacts to determine what occurred
  • Identify potential issues with detection (e.g., false positives, noise)
  • Analyze potential or actual intrusions identified as a result of monitoring activities
  • Create detections based on available data (e.g., Indicators of Compromise [IOC] and Tools Tactics Procedures [TTP])
  • Plan and execute proactive adversary hunt for malicious activity using myriad log sources, network- and host-based tools, and threat intelligence to identify the threat actors and their tools and techniques
  • Analyze key metrics and Key Performance Indicators (KPIs) and other data sources (e.g., bugs, unhealthy data pipeline), identify trends in security issues, and escalate appropriately
  • Recommend improvements and/or metrics to address gaps in measurement
  • Proactively identify and investigate potential issues in controls (e.g., network, identity, etc.)
  • Leverage expertise and team members to address and drive down issues accordingly
  • Identify and/or recognize patterns and recommend potential mitigation strategies
Employment Type:
Fulltime

Graph Researcher II

The Defender Experts (DEX) Research team is at the forefront of Microsoft’s thre...
Location:
India, Hyderabad
Salary:
Not provided
Company:
Microsoft Corporation (https://www.microsoft.com/)
Expiration Date:
Until further notice
Requirements:
  • Strong understanding of graph theory, graph databases (e.g., Neo4j, TigerGraph), and graph analytics with proficiency in Python or similar languages for data analysis and prototyping
  • Experience working with large-scale datasets, distributed systems and graph analytics projects
  • Ability to translate complex threat data into graphs and actionable insights
  • Experience with machine learning or statistical modelling applied to graph data
  • Proven ability to execute advanced research on emerging cloud-based threats affecting both Microsoft and third-party security products across heterogeneous cloud environments
  • Knowledge of adversary infrastructure tracking, malware analysis, or campaign clustering
  • Extensive hands-on experience with cloud platforms—including, but not limited to, Azure—as well as a deep understanding of multi-cloud security challenges and solutions
Job Responsibility:
  • Design and maintain scalable threat graphs that model entities such as devices, identity, threat actors, TTPs, infrastructure, and campaigns
  • Execute advanced research to develop algorithms and heuristics to detect malicious patterns and relationships within graph data on emerging cloud-based threats impacting Microsoft and third-party security products across heterogeneous cloud environments
  • Collaborate with threat protection researchers, data scientists, and detection engineers to enrich graph models with contextual insights and refine detection and response strategies, to provide comprehensive threat coverage and response capabilities
  • Research and prototype novel graph-based techniques for threat detection, attribution, and prioritization in collaboration with internal and external security teams
  • Translate complex raw security data into actionable graph intelligence that enhances the effectiveness of security operations for a global customer base
  • Mentor, guide, and drive best practices among researchers and detection engineers on advanced graph-based threat hunting and incident response across diverse ecosystems
  • Contribute to industry knowledge and Microsoft’s security posture by publishing research, developing threat graph models, and proactively identifying threats and attack trends in the cloud
Employment Type:
Fulltime

Security Operations Engineering II

Microsoft Teams is the hub for teamwork used by millions of users to be more eng...
Location:
United States, Redmond
Salary:
100600.00 - 199000.00 USD / Year
Company:
Microsoft Corporation (https://www.microsoft.com/)
Expiration Date:
Until further notice
Requirements:
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 1+ year(s) experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 2+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience.
Job Responsibility:
  • Identifies and addresses underlying causes of security shortcomings. Develops security guidance to address shortcomings and to build best practices. Ensures identified vulnerabilities are resolved correctly. Leverages latest tools and technologies (e.g., artificial intelligence) to identify and mitigate security issues with minimal guidance
  • Investigates, diagnoses, and triages security incidents with minimal guidance, deepening trust through proactive customer connection and crisis and incident response. Contributes to postmortem and root cause analyses for security incidents. Collaborates with others to create repair items, tools, and/or systems to support incident management. Begins to leverage Incident Management System(s) to update stakeholders during and after incidents as directed
  • Leads security reviews, including architectural and design reviews, and documents findings in analysis reports. Applies best practices in security architecture, design, and development across feature areas. Identifies security risks and potential impact and collaborates with others to mitigate risks, escalating when needed. Helps monitor and respond to security events, potential vulnerabilities, exposures, and policy compliance issues, escalating as needed
  • Contributes to efforts to ensure the correct processes are followed to achieve a high degree of security, privacy, safety, and accessibility. Checks for visible evidence (e.g., audit trail) to demonstrate compliance for product areas. Develops and holds an understanding of the implications of onboarding new technologies following expectations of compliance at Microsoft. Demonstrates and maintains an up-to-date understanding of both global and local regulations for technologies and system applications to ensure regulations are met
  • Uses appropriate artificial intelligence (AI) tools and practices across the software development lifecycle (SDLC) in a disciplined manner. Takes responsibility for the content of their AI-generated changes to artifacts, reviewing all changes and applying appropriate tooling and processes with minimal guidance
  • Exhibits subject matter expertise in class or set of security issues, tools, mitigations, and processes (e.g., architecture, failure modes, attack chain, threat modeling, vulnerabilities). Provides guidance to others in areas of expertise. Maintains current knowledge by investing time and effort. Proactively seeks opportunities to learn.
Employment Type:
Fulltime

Security Operations Engineer II

Microsoft 365 continues to experience incredible growth as the company focuses o...
Location:
United States, Redmond
Salary:
100600.00 - 199000.00 USD / Year
Company:
Microsoft Corporation (https://www.microsoft.com/)
Expiration Date:
Until further notice
Requirements:
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 1+ year(s) experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 2+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check
Job Responsibility:
  • Ensure accuracy and comprehensiveness in security policy, and design mitigation strategies for identified gaps
  • Collaborate with internal and external parties to ensure service level agreements are reached when addressing threats
  • Design for the customer experience by sharing best practices, interacting directly with customers, and resolving issues
  • Recommend mitigation strategies based on identified security trends
  • Analyze specific aspects of attempts to compromise systems security
  • Use monitoring techniques to identify intrusions
  • Understand how weaponized code can be used and recommend potential detections and signatures for defense capabilities
  • Design evolving common infrastructure architecture for our organization
  • Support development teams with securing applications and services
  • Stay relevant with emerging Azure features including risk and security principles
Employment Type:
Fulltime