Security Engineer, Detection Engineering (Cybersecurity)

TL;DR

Security Engineer, Detection Engineering (Cybersecurity): Designing and developing high-fidelity detection content and operating data pipelines for security operations with an accent on adversary behavior, telemetry coverage, and automated response. Focus on identifying and closing detection gaps, engineering correlation rules, and supporting incident response across diverse infrastructure including cloud, embedded, and corporate systems.

Location: On-site in Austin, Texas; Washington, DC; San Diego, CA; or New Orleans. This role requires "U.S. Person" status and the ability to obtain and maintain a security clearance.

Company

hirify.global Technologies is a product company focused on revolutionizing autonomy at sea by developing autonomous and intelligent platforms.

What you will do

• Design, build, test, and tune high-fidelity detection rules and analytic queries across endpoint, cloud, network, identity, and DLP telemetry.
• Develop and maintain detection content using detection-as-code practices including version control, automated testing, and CI/CD.
• Map detection coverage to MITRE ATT&CK, identify gaps, and prioritize new detection development based on threat intelligence.
• Engineer correlation rules, behavioral analytics, and anomaly-based detections that minimize false positives.
• Build and operate pipelines to ingest, normalize, enrich, and manage security telemetry at scale using Terraform and infrastructure-as-code.
• Develop and manage automated response playbooks in SOAR platforms to accelerate containment and enrich alerts.
• Support incident response efforts and partner with SOC, Cloud Security, Product Security, and IT teams.

Requirements

• 3+ years of hands-on experience in detection engineering, security operations, security automation, or a closely related security engineering role.
• Demonstrated experience designing, testing, and tuning detection rules and analytic queries across production security telemetry.
• Proficiency with SIEM platforms and query languages such as SPL or KQL.
• Experience building and operating security data pipelines, including log ingestion, normalization, and enrichment.
• Hands-on coding experience in Python, PowerShell, Go, or Rust for security automation, and familiarity with Terraform.
• Understanding of MITRE ATT&CK framework and its application to detection coverage.
• Ability to obtain and maintain a security clearance and "U.S. Person" status is required.

Nice to have

• Experience in defense, aerospace, robotics, autonomy, or other high-assurance environments.
• Experience with EDR platforms, cloud-native detection in AWS and Microsoft 365/Azure.
• Hands-on experience with incident response, threat hunting, or adversary emulation.
• Exposure to embedded Linux, operational technology, or ICS telemetry and detection.
• Familiarity with NIST SP 800-171, NIST SP 800-53, or CMMC logging and monitoring requirements.

Culture & Benefits

• Comprehensive medical, dental, and vision insurance with hirify.global paying 100% of the premium for employees and 80% for dependents.
• Generous PTO and holidays, along with paid maternity and paternity leave.
• Competitive salary with opportunities for performance-based bonuses and stock options.
• 401(k) plan with company match.
• Basic life insurance and short- and long-term disability coverage.
• Discounted pet insurance options including a 24/7 Telehealth helpline.
• Free lunch benefit and unlimited free drinks and snacks in the office.