CrawlJobs Logo

Threat Detections Engineer II

clearme.com Logo

Clear

Location Icon

Location:
United States , Austin

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We’re looking for a thoughtful and driven Threat Detection Engineer II to help strengthen CLEAR’s cyber defense capabilities. In this role, you’ll turn threat insights into meaningful action by designing, building, and refining the detections that keep our systems secure. You’ll spend your time developing reliable, high-quality detection logic, tuning existing rules to reduce noise, and automating key parts of the detection lifecycle so our teams can respond faster and more effectively.

Job Responsibility:

  • Design, implement, and tune custom detections that identify malicious or anomalous activity across a wide range of data sources
  • Translate threat intelligence, incident learnings, and emerging trends into high-impact detection logic
  • Partner closely with Threat Intelligence, Incident Response, Automation, and other security teams to operationalize new detections, refine response strategies, and improve overall signal fidelity
  • Continuously assess detection performance by analyzing false positives, coverage gaps, and visibility across critical assets
  • Support and expand automation efforts across the detection lifecycle—including development, validation, deployment, and routine maintenance
  • Document detection logic, workflows, and data sources clearly and consistently
  • Map detection coverage to frameworks like MITRE ATT&CK and contribute to reducing measurable gaps over time

Requirements:

  • Building, tuning, and validating detections in SIEM or cloud-native environments
  • Strong understanding of networking, identity, endpoint telemetry, and modern attack techniques
  • Spotting patterns across network, endpoint, identity, and cloud data
  • Writing clear, scalable detection logic using rule languages, scripting, automation frameworks, and Detection-as-Code practices
  • Collaborating across security functions and communicating effectively
  • Staying curious, adaptable, and detail-oriented
  • Hands-on experience with tools such as Google Chronicle, YARA/YARA-L, BigQuery, SOAR platforms, and scripting languages like Python
  • 3–5 years of experience in security operations or detection engineering
  • Familiarity with frameworks like MITRE ATT&CK and Sigma
  • Leveraging relevant certifications (e.g., CISSP, Sec+) when helpful, though not required
What we offer:
  • Meals and snacks in offices
  • Stipend and reimbursement programs for well-being and learning & development
  • Comprehensive healthcare plans
  • Family building benefits (fertility and adoption/surrogacy support)
  • Flexible time off
  • Free OneMedical memberships for you and your dependents
  • 401(k) retirement plan with employer match
  • Restricted Stock Units

Additional Information:

Job Posted:
December 07, 2025

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Clear - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Threat Detections Engineer II

Senior Security Operations Engineer II

As a Senior Security Operations Engineer, you’ll play a key role in ensuring the...
Location
Location
United States , Scottsdale
Salary
Salary:
Not provided
axon.com Logo
Axon
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in operations, site reliability, or infrastructure engineering roles
  • Strong experience securing and managing cloud environments (e.g., AWS, Azure) and containerized workloads
  • Deep understanding of Linux systems, networking, distributed systems, and their associated security controls
  • Proficiency in automation, scripting, and security tooling integration to streamline operations and enforcement
  • Experience with security monitoring, alerting, SIEM platforms, and observability tools
  • Solid grasp of CI/CD practices with integrated security testing and compliance checks
  • Experience managing Kubernetes clusters and running containerized workloads in production
  • Experience with deploying and administrating any of the following: scalable cloud native secrets solutions such as AWS KMS, Azure KeyVault
  • PKI solutions such as EJBCA, Smallstep, Venafi
  • or vaulting solutions such as Hashicorp Vault
Job Responsibility
Job Responsibility
  • Implementing and improving automated security checks in CI/CD pipelines to prevent vulnerabilities from reaching production
  • Writing, reviewing, and maintaining security-focused infrastructure-as-code for scalable and compliant deployments
  • Investigating security incidents, performing root cause analysis, and implementing long-term mitigation strategies
  • Collaborating with developers to develop new features, services, and infrastructure requirements
  • Enhancing security observability through improved log collection, metrics, and alerting configurations
  • Maintaining and improving security runbooks, incident response playbooks, and internal security tooling for operational efficiency
  • Resolve security/infrastructure incidents by participating in high impact/high visibility incidents as a participant and ideally as an incident commander
  • Maintain and secure critical infrastructure components such as PKI (Public Key Infrastructure) and IAM ( Identity & Access Management) systems, ensuring reliability, scalability, and compliance with organizational and industry security standards
  • Build and maintain secure, reliable, and scalable infrastructure that protects core services and sensitive data
  • Troubleshoot and resolve complex operational and system-level issues across environments
What we offer
What we offer
  • Competitive salary and 401k with employer match
  • Discretionary paid time off
  • Paid parental leave for all
  • Medical, Dental, Vision plans
  • Fitness Programs
  • Emotional & Mental Wellness support
  • Learning & Development programs
  • Snacks in our offices
  • Fulltime
Read More
Arrow Right

Senior Security Operations Engineer II

As a Senior Security Operations Engineer, you’ll play a key role in ensuring the...
Location
Location
United States , Scottsdale
Salary
Salary:
Not provided
axon.com Logo
Axon
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in operations, site reliability, or infrastructure engineering roles
  • Strong experience securing and managing cloud environments (e.g., AWS, Azure) and containerized workloads
  • Deep understanding of Linux systems, networking, distributed systems, and their associated security controls
  • Proficiency in automation, scripting, and security tooling integration to streamline operations and enforcement
  • Experience with security monitoring, alerting, SIEM platforms, and observability tools
  • Solid grasp of CI/CD practices with integrated security testing and compliance checks
  • Experience managing Kubernetes clusters and running containerized workloads in production
  • Experience with deploying and administrating any of the following: scalable cloud native secrets solutions such as AWS KMS, Azure KeyVault
  • PKI solutions such as EJBCA, Smallstep, Venafi
  • or vaulting solutions such as Hashicorp Vault
Job Responsibility
Job Responsibility
  • Implementing and improving automated security checks in CI/CD pipelines to prevent vulnerabilities from reaching production
  • Writing, reviewing, and maintaining security-focused infrastructure-as-code for scalable and compliant deployments
  • Investigating security incidents, performing root cause analysis, and implementing long-term mitigation strategies
  • Collaborating with developers to develop new features, services, and infrastructure requirements
  • Enhancing security observability through improved log collection, metrics, and alerting configurations
  • Maintaining and improving security runbooks, incident response playbooks, and internal security tooling for operational efficiency
  • Resolve security/infrastructure incidents by participating in high impact/high visibility incidents as a participant and ideally as an incident commander
  • Maintain and secure critical infrastructure components such as PKI (Public Key Infrastructure) and IAM ( Identity & Access Management) systems, ensuring reliability, scalability, and compliance with organizational and industry security standards
  • Build and maintain secure, reliable, and scalable infrastructure that protects core services and sensitive data
  • Troubleshoot and resolve complex operational and system-level issues across environments
What we offer
What we offer
  • Competitive salary and 401k with employer match
  • Discretionary paid time off
  • Paid parental leave for all
  • Medical, Dental, Vision plans
  • Fitness Programs
  • Emotional & Mental Wellness support
  • Learning & Development programs
  • Snacks in our offices
  • Fulltime
Read More
Arrow Right

Security Engineer II

The Security Engineer II is an individual contributor who will participate and m...
Location
Location
United States , Fountain Valley
Salary
Salary:
83940.00 - 120032.00 USD / Year
haeaus.com Logo
Hyundai AutoEver America
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree in Computer Science, Information Systems, or related field, or equivalent experience
  • Minimum 3 years of IT relevant experience or equivalent combination of experience plus at least 1 year of experience performing Security Engineering/Planning/Operations, preferably with SIEM or vulnerability management
  • Experience in medium to complex computing environments, with advanced knowledge in security technologies and services
  • Hands-on experience with at least two or more of the following Enterprise Security Technologies: Network Intrusion Prevention/Detection
  • Virtual Private Networks
  • SSL, IPSec, and Site-to-Site
  • Enterprise-Class Stateful Inspection Firewalls
  • Network Access Controls in context to Identity Management
  • Windows Server OS & Desktop OS
  • Network Packet Inspection
Job Responsibility
Job Responsibility
  • Design, build, test, and deploy new security technologies, which include the development of the operational manual and run books
  • Provides technical security operations engineering services to support and update existing security systems and works to automate processes related to security implementations, monitoring, and enforcement
  • Investigates, recommends, evaluates, deploys, and integrates operational security tools (e.g., SIEM, vulnerability scanning) and techniques to enhance protection of corporate assets and infrastructure
  • Participate in technical risk assessments and security exposure analyses of systems, networks, and business applications
  • Analyzes network security elements and overall network security architectural designs to ensure secure and optimal system and network performance and cost-effectiveness
  • Oversees the installation, configuration, and supportive processes of security technologies
  • Participate in or lead the Incident Response activities
  • Interacts with internal and external clients on security operations requirements, identifies security processes, and develops strategies/solutions to security issues
  • Keeps fully abreast of trends and changing technologies as they relate to IT, Network Engineering, and Information Security fields
  • Lead or assist in periodic or ad-hoc security reports that provide relevant situational awareness to our senior stakeholders
  • Fulltime
Read More
Arrow Right

Graph Researcher II

The Defender Experts (DEX) Research team is at the forefront of Microsoft’s thre...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong understanding of graph theory, graph databases (e.g., Neo4j, TigerGraph), and graph analytics with proficiency in Python or similar languages for data analysis and prototyping
  • Experience working with large-scale datasets, distributed systems and graph analytics projects
  • Ability to translate complex threat data into graphs and actionable insights
  • Experience with machine learning or statistical modelling applied to graph data
  • Proven ability to execute advanced research on emerging cloud-based threats affecting both Microsoft and third-party security products across heterogeneous cloud environments
  • Knowledge of adversary infrastructure tracking, malware analysis, or campaign clustering
  • Extensive hands-on experience with cloud platforms—including, but not limited to, Azure—as well as a deep understanding of multi-cloud security challenges and solutions
Job Responsibility
Job Responsibility
  • Design and maintain scalable threat graphs that model entities such as devices, identity, threat actors, TTPs, infrastructure, and campaigns
  • Execute advanced research to develop algorithms and heuristics to detect malicious patterns and relationships within graph data on emerging cloud-based threats impacting Microsoft and third-party security products across heterogeneous cloud environments
  • Collaborate with threat protection researchers, data scientists, and detection engineers to enrich graph models with contextual insights and refine detection and response strategies, to provide comprehensive threat coverage and response capabilities
  • Research and prototype novel graph-based techniques for threat detection, attribution, and prioritization in collaboration with internal and external security teams
  • Translate complex raw security data into actionable graph intelligence that enhances the effectiveness of security operations for a global customer base
  • Mentor, guide, and drive best practices among researchers and detection engineers on advanced graph-based threat hunting and incident response across diverse ecosystems
  • Contribute to industry knowledge and Microsoft’s security posture by publishing research, developing threat graph models, and proactively identifying threats and attack trends in the cloud
  • Fulltime
Read More
Arrow Right

Security Engineer II

Microsoft Teams is the hub for teamwork used by millions of users to be more eng...
Location
Location
United States , Redmond
Salary
Salary:
100600.00 - 199000.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 1+ year(s) experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 2+ years experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection
  • OR equivalent experience
  • Preferred: Master's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 3+ years of experience in software development lifecycle, large scale computing, threat modeling, cyber security, anomaly or detection (enterprise experience)
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, Risk Management, Cyber Security, or related field AND 5+ years of experience in software development lifecycle, large scale computing, threat modeling, cyber security, or anomaly detection (enterprise experience)
  • OR equivalent experience
Job Responsibility
Job Responsibility
  • Identifies and addresses underlying causes of security shortcomings
  • Develops security guidance to address shortcomings and to build best practices
  • Ensures identified vulnerabilities are resolved correctly
  • Leverages latest tools and technologies (e.g., artificial intelligence) to identify and mitigate security issues with minimal guidance
  • Investigates, diagnoses, and triages security incidents with minimal guidance
  • Contributes to postmortem and root cause analyses for security incidents
  • Collaborates with others to create repair items, tools, and/or systems to support incident management
  • Begins to leverage Incident Management System(s) to update stakeholders during and after incidents as directed
  • Leads security reviews, including architectural and design reviews, and documents findings in analysis reports
  • Applies best practices in security architecture, design, and development across feature areas
  • Fulltime
Read More
Arrow Right

Senior Security Engineer II

We are looking for an experienced security engineer to join our infrastructure s...
Location
Location
India
Salary
Salary:
Not provided
confluent.io Logo
Confluent
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of relevant industry experience
  • Strong domain knowledge in security incident detection and response
  • Hands-on experience in instrumenting and deploying telemetry solutions to ensure visibility in large-scale, heterogenous deployments
  • Demonstrated experience with effective incident response and containment practices, preferably in a cloud-first environment
  • Experience with operating open-source and/or commercial solutions for logging and security event management
  • Decision-maker with the ability to operate with freedom and autonomy
  • Experience working with distributed teams and other cross-functional stakeholders
  • Ability to manage competing priorities and workload
  • Ability to script or code fluently in an interpreted language
Job Responsibility
Job Responsibility
  • Collaborate with engineering teams for building and setting up pipelines needed to gather relevant security telemetry
  • Build and maintain an effective and scalable security monitoring infrastructure solution
  • Develop detection strategies to identify anomalous activity and ensure that our critical infrastructure and services operate in a safe environment
  • Triage alerts and drive security incidents to closure while reducing its potential impact to Confluent
  • Build processes and workflows to triage security alerts and respond to real incidents
  • Research new threat attack vectors and ensure that our detection and response capability is in line with the current threat landscape
  • Proactively improve the quality of our detection rules and strive to eliminate classes of issues by working directly with engineering teams
  • Contribute to strategy, risk management and prioritization for all efforts around detection and response
What we offer
What we offer
  • Remote-First Work
  • Robust Insurance Benefits
  • Flexible Time Away
  • The Best Teammates
  • Experience Ambassadors
  • Open and Honest Culture
  • Well-Being and Growth
Read More
Arrow Right

Engineer II - Insider Threat

The Engineer II, Insider Threat, is a mid-level technical role within the Cyber ...
Location
Location
United States , Conshohocken; Remote
Salary
Salary:
Not provided
cencora.com Logo
Cencora
Expiration Date
March 13, 2026
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Behavioral Science, or equivalent work experience
  • Knowledge of insider threat detection methodologies, user activity monitoring, DLP, and investigative practices
  • Familiarity with privacy, compliance, and employment standards (e.g., GDPR, HIPAA, SOX, CCPA)
  • 3–5 years of progressive experience in cybersecurity, investigations, or risk management, with at least 1–2 years dedicated to insider threat or DLP operations
  • Hands-on experience with insider threat monitoring platforms, behavioral analytics, and DLP tools
  • Demonstrated ability to handle confidential investigations with discretion
  • Strong communication and writing skills for documenting findings and Briefing Stakeholders
Job Responsibility
Job Responsibility
  • Monitor and analyze user activity logs, alerts, and behavioral indicators to identify potential insider threats
  • Conduct investigations into moderate-complexity insider threat cases, including data misuse, exfiltration, fraud, and policy violations
  • Administer, monitor, and tune Data Loss Prevention (DLP) technologies to detect and prevent unauthorized movement of sensitive data
  • Investigate and respond to DLP alerts, escalating incidents when necessary with clear documentation and supporting evidence
  • Support the development and refinement of insider threat detection rules, analytics, and use cases
  • Contribute to the creation and improvement of playbooks and investigative workflows, including DLP-related scenarios
  • Collaborate with HR, Legal, and Corporate Security to ensure coordinated responses to insider incidents
  • Document findings and prepare clear reports for management and other stakeholders
  • Share knowledge with Engineer I analysts and contribute to team training efforts
  • Participate in awareness and deterrence initiatives by providing technical input to educational campaigns
What we offer
What we offer
  • medical
  • dental
  • vision care
  • comprehensive suite of benefits focusing on physical, emotional, financial, and social wellness
  • support for working families
  • backup dependent care
  • adoption assistance
  • infertility coverage
  • family building support
  • behavioral health solutions
  • Fulltime
!
Read More
Arrow Right

Cybersecurity Incident Handler

As a security operations center analyst, you’re in the middle of the action, res...
Location
Location
United States , San Antonio
Salary
Salary:
69400.00 - 158000.00 USD / Year
boozallen.com Logo
Booz Allen Hamilton
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in cybersecurity
  • Experience in a security operations center, including incident response activities such as analysis of artifacts, writing incident reports, and triaging of security events
  • Knowledge of cyber threat intelligence, digital forensics, red teaming, threat hunt, cloud incident response, counterintelligence, and detection engineering
  • Knowledge of cybersecurity standards and the implementation of industry best practices
  • Knowledge of external standards, including ISO 22301, ISO 22317, and NIST guidelines such as NIST 800-53 or NIST 800-61
  • Ability to work a rotating shift schedule supporting a 24/7 environment
  • TS/SCI clearance
  • HS diploma or GED
  • DoD 8140 Baseline Level II Certification
Job Responsibility
Job Responsibility
  • Monitor and analyze threats using state-of-the-art tools
  • Work with the team to understand, mitigate, and respond to threats quickly, restoring operations and limiting the impact
  • Analyze incidents to figure out just how many systems are affected and assist recovery efforts
  • Combine threat intelligence, event data, and assessments from recent events, and identify patterns to understand attackers’ goals to stop them from succeeding
What we offer
What we offer
  • Health, life, disability, financial, and retirement benefits
  • Paid leave
  • Professional development
  • Tuition assistance
  • Work-life programs
  • Dependent care
  • Recognition awards program
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy