Company hidden
Posted 2 hours ago

Senior Detection Engineer (Cybersecurity)

$99,000 - $225,000
Work format: remote (USA only) / hybrid
Employment type: full-time
Level: senior
English: B2
Country: US
Vacancy from Hirify Global, a list of international tech companies.

Job description

TL;DR

Senior Detection Engineer (Cybersecurity): Designing, building, and maintaining production-grade detections across endpoint, network, identity, SaaS, and cloud data sources, with an emphasis on Detection-as-Code (DaC) and automation. The focus is on mapping rules to MITRE ATT&CK, iterating on detection fidelity, and collaborating with incident responders and threat hunters to improve mission outcomes.

Location: Remote/Hybrid (Fort Meade, Maryland, USA). Candidate must be able to obtain a Secret clearance.

Salary: $99,000 – $225,000 per year

Company

hirify.global is a leading professional services firm providing consulting and technology services to government and commercial clients.

What you will do

  • Design, build, test, and maintain production-grade detections across endpoint, network, identity, SaaS, and cloud sources.
  • Implement Detection-as-Code (DaC) practices using Git workflows, CI pipelines, automated linting, and unit tests.
  • Map detections to MITRE ATT&CK techniques and maintain high-fidelity coverage dashboards.
  • Collaborate with incident responders, threat hunters, and platform engineers to optimize detection performance.
  • Manage the ruleset lifecycle, including semantic versioning and detailed changelogs.

Requirements

  • 5+ years of experience in security engineering, SOC analytics, or threat hunting.
  • Proficiency in authoring detections using two or more of: Sigma, YARA, Suricata, Splunk SPL, KQL, or SQL.
  • Practical experience with DaC best practices, including Git workflows and CI/CD pipelines.
  • Experience building detections across EDR/XDR, SIEM, and cloud telemetry platforms.
  • Ability to obtain and maintain a Secret clearance.
  • Must be based in the USA.

Nice to have

  • Experience with adversary simulation or detection validation frameworks.
  • Scripting and programming skills in Python or Go for detection automation.
  • Experience with AWS, Azure, or GCP logging architectures and SIEM/XDR platforms like Sentinel or Chronicle.
  • Knowledge of ECS and CIM data models and MITRE ATLAS for AI-relevant threat behaviors.
  • Certifications such as GCIA, GCTI, GCDA, or GMON.

Culture & Benefits

  • Comprehensive health, life, disability, and financial retirement benefits.
  • Paid leave, professional development, and tuition assistance.
  • Work-life programs and dependent care support.
  • People-first culture emphasizing collaboration regardless of physical location.
  • Recognition awards program for exceptional performance.
