Threat Detections Engineer II

United States, Austin · Job Posted December 07, 2025

Job Description

We’re looking for a thoughtful and driven Threat Detection Engineer II to help strengthen CLEAR’s cyber defense capabilities. In this role, you’ll turn threat insights into meaningful action by designing, building, and refining the detections that keep our systems secure. You’ll spend your time developing reliable, high-quality detection logic, tuning existing rules to reduce noise, and automating key parts of the detection lifecycle so our teams can respond faster and more effectively.

Job Responsibility

  • Design, implement, and tune custom detections that identify malicious or anomalous activity across a wide range of data sources
  • Translate threat intelligence, incident learnings, and emerging trends into high-impact detection logic
  • Partner closely with Threat Intelligence, Incident Response, Automation, and other security teams to operationalize new detections, refine response strategies, and improve overall signal fidelity
  • Continuously assess detection performance by analyzing false positives, coverage gaps, and visibility across critical assets
  • Support and expand automation efforts across the detection lifecycle—including development, validation, deployment, and routine maintenance
  • Document detection logic, workflows, and data sources clearly and consistently
  • Map detection coverage to frameworks like MITRE ATT&CK and contribute to reducing measurable gaps over time

Requirements

  • Building, tuning, and validating detections in SIEM or cloud-native environments
  • Strong understanding of networking, identity, endpoint telemetry, and modern attack techniques
  • Spotting patterns across network, endpoint, identity, and cloud data
  • Writing clear, scalable detection logic using rule languages, scripting, automation frameworks, and Detection-as-Code practices
  • Collaborating across security functions and communicating effectively
  • Staying curious, adaptable, and detail-oriented
  • Hands-on experience with tools such as Google Chronicle, YARA/YARA-L, BigQuery, SOAR platforms, and scripting languages like Python
  • 3–5 years of experience in security operations or detection engineering
  • Familiarity with frameworks like MITRE ATT&CK and Sigma
  • Leveraging relevant certifications (e.g., CISSP, Sec+) when helpful, though not required

What we offer

  • Meals and snacks in offices
  • Stipend and reimbursement programs for well-being and learning & development
  • Comprehensive healthcare plans
  • Family building benefits (fertility and adoption/surrogacy support)
  • Flexible time off
  • Free OneMedical memberships for you and your dependents
  • 401(k) retirement plan with employer match
  • Restricted Stock Units

Similar Jobs for Threat Detections Engineer II

8 matching positions

Software Engineer II & Senior Software Engineer

Attacks begin on the endpoint—it’s where an intruder first lands, runs malware, ...
Location: United States, Redmond
Salary: 102100.00 - 202200.00 USD / Year
Company: Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Bachelor's Degree in Computer Science or related technical field AND 2+ years technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python
  • OR equivalent experience
  • Ability to meet Microsoft, customer, and/or government security screening requirements
  • Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years.
Job Responsibility
  • Build and improve detection, OS event monitoring, telemetry, and reporting in the on-device agent
  • Develop native components that detect and respond to real-world endpoint threats
  • Design, deliver, and maintain components with a focus on reliability, performance, and operational health
  • Help ensure the agent remains efficient, safe, and aligned with the macOS security model
  • Contribute to performance, concurrency, and compatibility across macOS versions
  • Produce high-quality telemetry that supports investigation, analytics, and security insights
  • Investigate and resolve issues such as crashes, performance regressions, and compatibility challenges
  • Apply secure coding practices and validate assumptions to build resilient systems
  • Collaborate with engineers and partner teams to deliver integrated security solutions
  • Contribute to design discussions, code reviews, and shared engineering practices
  • Fulltime

Security Engineer II

The Cloud & AI organization accelerates Microsoft’s mission and bold ambitions t...
Location: United States, Redmond
Salary: 102100.00 - 202200.00 USD / Year
Company: Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 1+ year(s) experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 2+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
  • Candidates must be able to meet the Microsoft, customer and/or government security screening requirements required for this role
  • Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
  • Lead Threat Detection & Incident Response: Proactively identify and respond to sophisticated threats by analyzing diverse security signals, driving rapid containment, and reducing risk to critical systems and data
  • Own End-to-End Investigations: Perform deep-dive investigations into complex security events, determine scope and root cause, and drive incidents to resolution with clear documentation and action
  • Drive Cross-Functional Security Outcomes: Partner with threat intelligence, detection engineering, product teams, and researchers to translate insights into actionable improvements in detection, response, and remediation
  • Advance Detection & Response Capabilities: Identify gaps in existing detections and workflows, and contribute to building, tuning, and scaling automation and detection logic to improve coverage and efficiency
  • Enable Operational Excellence at Scale: Leverage data, analytics, and security telemetry to prioritize work, improve investigation quality, and enhance consistency across a globally distributed operations model
  • Continuously Evolve Against Emerging Threats: Stay ahead of the threat landscape by applying new techniques, tools, and intelligence to strengthen investigative depth and response effectiveness
  • Foster a Learning & Knowledge-Sharing Culture: Contribute to team growth through mentorship, documentation, and sharing best practices to elevate overall team capability and performance
What we offer
  • Certain roles may be eligible for benefits and other compensation
  • Fulltime

Software Engineer II

Are you excited about building capabilities that help protect our customers from...
Location: United States, Redmond
Salary: 102100.00 - 202200.00 USD / Year
Company: Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Bachelor's Degree in Computer Science or related technical field AND 2+ years technical engineering experience with coding in languages including, but not limited to, C, C++ or Java OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check
Job Responsibility
  • Design, implement, test, and operate cloud‑based backend services and APIs on Azure that support security detection, investigation, and response workflows
  • Build AI‑powered product features using technologies such as large language models (LLMs), vector stores, and agentic workflows to improve security signal analysis and customer outcomes
  • Own medium‑to‑large features end‑to‑end, including design, implementation, deployment, monitoring, and iteration in production environments
  • Collaborate closely with Product Managers, Security Researchers, and Engineers to translate security domain requirements into reliable, scalable software solutions
  • Contribute to technical design discussions and reviews, proposing sound designs, identifying trade‑offs, and incorporating feedback from lead engineers and stakeholders
  • Write high‑quality, maintainable code, participate in peer code reviews, and follow secure coding and engineering best practices aligned with Microsoft standards
  • Monitor and troubleshoot live services, using telemetry and logs to diagnose issues, improve system reliability, and enhance performance and scalability
  • Apply Security‑by‑Design and Responsible AI principles when building features that leverage AI to enhance threat detection and response capabilities
  • Continuously improve engineering efficiency by leveraging AI tooling, automation, and documentation to streamline development and operational workflows
  • Contribute positively to team culture, demonstrating growth mindset, openness to feedback, and a collaborative approach in a fast‑paced, data‑driven environment
What we offer
  • Certain roles may be eligible for benefits and other compensation
  • Fulltime

AI Engineer II

The AI Center of Excellence (AI CoE) brings together AI Engineers and Data Scien...
Location: India, Pune
Salary: Not provided
Company: Rapid7
Expiration Date: Until further notice
Requirements
  • 2–5 years of experience in AI/ML engineering or software engineering with AI focus
  • Foundational hands-on experience with LangChain or similar LLM orchestration frameworks
  • Familiarity with prompt engineering concepts and techniques
  • Basic understanding of RAG pipelines - what they are, how retrieval works, and where they're applied
  • Awareness of agentic AI patterns - tool-calling, agent loops, ReAct
  • Exposure to LLM evaluation - understanding what good vs. bad LLM output looks like and how to measure it
  • Working knowledge of AWS Bedrock and/or SageMaker for AI/ML workloads
  • Strong Python skills and a learning-first mindset
  • Working proficiency with pandas, NumPy, scikit-learn
  • Solid understanding of supervised and unsupervised ML, feature engineering, and model evaluation metrics
Job Responsibility
  • Contribute to building agentic AI workflows - tool-calling, basic agent loops, and LLM-driven automation under senior guidance
  • Assist in developing and maintaining RAG pipelines - document ingestion, chunking, embedding, and retrieval
  • Implement and iterate on prompt engineering - few-shot prompting, chain-of-thought, structured outputs
  • Work with LangChain / LangGraph for LLM orchestration and chaining tasks
  • Support LLM evaluation tasks - writing eval datasets, measuring output quality, running benchmarks
  • Contribute to observability and monitoring of LLM systems - latency, token usage, output quality dashboards
  • Deploy and test LLM-powered features on AWS Bedrock, Lambda, and SageMaker
  • Participate in prompt versioning and LLM CI/CD pipelines under guidance of senior engineers
  • Assist with guardrail implementation and output validation for production GenAI systems
  • Learn and apply agentic AI patterns - ReAct, tool-use APIs, and structured output parsing
  • Fulltime

SOC Engineer II - Secret Clearance

Zachary Piper Solutions is seeking a SOC Engineer II – Secret Clearance for a wo...
Location: United States, Raleigh
Salary: 105000.00 - 125000.00 USD / Year
Company: Piper Companies
Expiration Date: Until further notice
Requirements
  • 3+ years of experience in a Security Operations Center or cybersecurity role
  • Active Secret clearance is required
  • Hands‑on experience with SIEM platforms such as Splunk
  • Knowledge of incident response, threat detection, and vulnerability management processes
  • Familiarity with networking concepts, operating systems, and common attack vectors
  • Experience working in government, defense, or regulated environments preferred
Job Responsibility
  • Monitor security alerts and events using SIEM and security monitoring tools to identify potential threats
  • Investigate, analyze, and respond to security incidents in accordance with established procedures
  • Perform threat hunting and proactive analysis to identify indicators of compromise
  • Collaborate with incident response, engineering, and compliance teams to remediate security issues
  • Maintain documentation related to incidents, response actions, and lessons learned
  • Support continuous improvement of SOC processes, tools, and detection capabilities
What we offer
  • Medical
  • Dental
  • Vision
  • 401(k)
  • PTO
  • Sick Leave as required by law
  • Fulltime

SOC II Engineer

Piper Companies is seeking a SOC II Engineer (Tier II Support) to support securi...
Location: United States, Raleigh
Salary: 130000.00 - 150000.00 USD / Year
Company: Piper Companies
Expiration Date: Until further notice
Requirements
  • Active Secret Clearance (required)
  • Experience providing Tier II SOC or security operations support
  • Hands-on experience with Splunk for security monitoring and log analysis
  • Understanding of SOC II controls, security frameworks, and compliance requirements
  • Strong incident response, troubleshooting, and documentation skills
  • Ability to work in a hybrid schedule in RTP, NC or Fulton, MD
Job Responsibility
  • Provide Tier II security operations support, investigating and responding to security incidents and alerts
  • Monitor, analyze, and triage security events using Splunk and other SIEM tools
  • Support SOC II compliance efforts, including control validation, evidence collection, and audit readiness
  • Perform log analysis and threat detection related to RTP and other critical financial systems
  • Escalate complex incidents and collaborate with Tier III engineers and security leadership as needed
  • Document incidents, response actions, and remediation steps in accordance with security policies
  • Participate in continuous improvement of SOC processes, playbooks, and monitoring capabilities
What we offer
  • Medical
  • Dental
  • Vision
  • 401(k)
  • PTO
  • Fulltime

Security Customer Experience Engineer II

The mission of the Microsoft Security organization—to make the world a safer pla...
Location: United States, Redmond
Salary: 100600.00 - 199000.00 USD / Year
Company: Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Bachelor's Degree in Sales, Marketing, Computer Science, Information Technology (IT), Data Science, Business Analytics, Business, Finance, Mathematics, Physical Sciences, Humanities, or related field AND 2+ years experience in consulting, change management, project management, customer engagement, sales/business engagement, relationship management, analytics, or customer feedback and intelligence program management OR equivalent experience
  • Bachelor's Degree AND 5+ years’ experience in product/service/project/program management or software development OR equivalent experience
  • Understands basic cloud architectures, email security concepts, and technologies as they relate to Microsoft Defender for Office 365 (MDO) or similar email/collaboration security platforms
  • Familiar with email protocols (SMTP, DNS/MX, SPF, DKIM, DMARC), mail flow architecture, and web technologies relevant to Exchange Online and Microsoft 365 collaboration security
  • Has hands-on experience with setup and configuration of Microsoft Defender for Office 365 policies (Safe Attachments, Safe Links, Anti-Phishing, Anti-Spam, Anti-Malware) or similar email security technologies
  • Exposed to integration of Microsoft Defender for Office 365 with Microsoft Defender XDR, and familiar with Security Copilot capabilities in the context of email threat investigation and response
  • Experienced in basic onboarding and configuration of Microsoft Defender for Office 365 protection policies and threat investigation workflows
  • Familiar with configuring mail flow rules, quarantine policies, tenant allow/block lists, and integration with Exchange Online Protection (EOP)
  • Has worked with both preset security policies and custom policy configurations within Defender for Office 365, including attack simulation training
  • Can collect and review email threat telemetry, message trace logs, and threat investigation data within Microsoft Defender for Office 365 and the Microsoft Defender portal
Job Responsibility
  • Leverage engineering tools, customer telemetry, and direct customer feedback to identify product defects, usage issues, misconfigurations, and emerging signals
  • Resolve highly complex, mission critical technical issues in a 24x7x365 operational environment
  • Independently track and manage customer incidents, engaging customers and partners to understand issues, provide status updates, and communicate progress and next steps
  • Investigate and troubleshoot issues using advanced diagnostics with minimal guidance
  • Gather and synthesize customer and partner feedback to identify feature gaps, knowledge gaps, configuration issues, and key performance indicators (KPIs)
  • Design, implement, or contribute to new features, tools, and automation to improve product quality and customer outcomes
  • Share best practices and technical guidance through multiple forums to help customers and partners remain current
  • Identify opportunities to improve troubleshooting content and drive automation of complex solutions
  • Proactively pursue professional development opportunities across product areas and business processes (e.g., mentoring, shadowing, training) to strengthen technical depth and impact
  • Conduct proactive health checks to ensure customer environments are optimized and deployment ready
  • Fulltime

Clinical Engineering Medical Device Security Engineer II

As our Clinical Engineering Med Device Network Engineer, you will ensure end-to-...
Location: United States, Englewood
Salary: 49.78 - 74.05 USD / Hour
Company: American Nursing Care
Expiration Date: Until further notice
Requirements
  • Bachelor's degree in HTM, Computer Science, Technology or Business Discipline upon hire or equivalent professional experience required
  • Minimum of 5-6 years of Clinical Engineering Networking role or equivalent experience required
  • Experience with HIPAA/HITECH compliance standards required
  • Valid Driver's License
Job Responsibility
  • Ensure end-to-end security for medical devices and integrate security systems within our environment
  • Leverage technology for security testing
  • Collaborate with regional CE technicians on complex medical device projects
  • Contribute to remediation documentation with the CE Medical Device Security Team
  • Manage vendor-related device vulnerabilities
  • Support the CE IT environment
  • Provide specialized repair for medical equipment
  • Collaborate with cross-functional teams to architect solutions that strengthen security controls of network connected medical devices
  • Test configurations and deploy risk mitigation strategies
  • Prepare, document and present detailed guidance for system configuration and risk mitigation
What we offer
  • Medical
  • Prescription drug
  • Dental
  • Vision plans
  • Life insurance
  • Paid time off (full-time benefit eligible team members may receive a minimum of 14 paid time off days, including holidays annually)
  • Tuition reimbursement
  • Retirement plan benefit(s) including, but not limited to, 401(k), 403(b), and other defined benefits offerings
  • Fulltime