Type: Full time
Related skills: aws, sigma, kql, spl

Description
- Design and maintain high-signal detections across cloud, identity, endpoints, and SaaS.
- Build and improve the detection platform; manage rule lifecycle, tuning, and rollout safety.
- Develop tooling and automation to accelerate triage, enrichment, and investigation.
- Translate threat intel and TTPs into durable detections and telemetry.
- Participate in investigations, incident response, and postmortems.
- Define and track metrics like coverage, MTTD, and alert quality.
- Participate in on-call rotation for incident response.
Requirements
- 6+ years in detection engineering, security operations, incident response, or threat hunting.
- Built and operated production detections with strong signal quality and tuning.
- Fluent in Sigma, KQL, SPL, YARA-L, EQL, or Panther.
- Offensive security mindset; led purple/blue team or adversary emulation.
- Strong cloud security experience in AWS, GCP, or Azure with identity-focused detection.
- Hands-on with SIEM, EDR, and SOAR in large-scale environments.
- Clear communication through design docs, runbooks, and incident reports; able to drive projects independently.
Benefits
- Hybrid work options.
- Exposure to AI-enabled security workflows.
- Hands-on with cutting-edge detection tooling (SIEM/EDR/SOAR).