Company hidden
24 hours ago

Senior Detection Engineer (Cybersecurity)

117 100 - 154 000$
Work format
remote (USA only)/hybrid
Employment type
fulltime
Grade
senior
English
b2
Country
US

Job description


TL;DR

Senior Detection Engineer (Cybersecurity): Designing and tuning high-fidelity detection rules based on the MITRE ATT&CK framework to identify malicious activity across endpoints, cloud, and network, with an emphasis on Detection-as-Code and SIEM lifecycle management. Focus on implementing version-controlled alerts, performing deep-dive Tier 3 incident analysis, and automating log onboarding.

Location: Must be based in the USA. Remote role, however, candidates within 45 miles of the Westlake/Dallas, TX office are expected to work on-site Tuesday through Thursday.

Salary: $117,100 - $154,000 USD

Company

hirify.global is a technology workforce development company providing a curated learning platform to accelerate technical skills and capabilities for the global tech workforce.

What you will do

  • Design, develop, and tune high-fidelity SIEM detection rules based on the MITRE ATT&CK framework across endpoints, cloud, and network.
  • Implement Detection-as-Code, treating security alerts as engineering problems requiring tuning, testing, and version control.
  • Serve as the primary Tier 3 escalation point for MDR and SOC, performing deep-dive analysis on complex incidents.
  • Engineer SIEM architecture by validating log ingestion health and onboarding data from Cloud APIs, SaaS, and internal apps.
  • Proactively test detection rules against known attack vectors via adversary simulation to verify triggers.
  • Collaborate with MDR providers to translate raw data into actionable alerts and provide feedback on triage quality.

Requirements

  • Must be based in the USA.
  • 3+ years of proven experience in SIEM Content Development or Detection Engineering.
  • Bachelor of Science in CIS/MIS/CS/CE, Engineering, or equivalent experience.
  • Possess DoD 8570/8140 recognized certifications (e.g., GCIA, GMON, GCDA, CEH, or CySA+).
  • Proficiency in SIEM-specific content development, including advanced queries, dashboards, and correlation searches.
  • Strong scripting skills in Python, Bash, or PowerShell for API integration and data manipulation.

Nice to have

  • Familiarity with Cloud Security detection strategies for AWS, Azure, and GCP.
  • Experience with Endpoint telemetry and EDR process trees.

Culture & Benefits

  • Blended workplace offering remote or hybrid setups depending on role and location.
  • Comprehensive benefits including medical coverage and unlimited PTO.
  • Support for continuous growth via professional development funds and a hirify.global subscription.
  • Culture based on trust, autonomy, collaboration, and a strong commitment to diversity and belonging.
  • Wellness reimbursements and competitive compensation packages.

Be careful: if an employer asks you to log in to their system using iCloud/Google, send a code or password, or run code or software, do not do it; these are scammers. Be sure to click "Report" or write to support.