Design, write, tune, and maintain detection logic, correlations, and rules across SIEM and detection platforms such as Splunk, Elastic, QRadar, and Sentinel.
Engineer detections using behavioral, sequence-based, and threat-informed logic to identify sophisticated adversary techniques.
Continuously tune detections to reduce noise, improve fidelity, and adapt to evolving threat landscapes.
Build and maintain production-grade security dashboards that support analyst triage, incident response, and executive decision-making.
Map detections and dashboards to MITRE ATT&CK techniques, validating coverage through simulations and real-world incident reviews.
What's Needed?
5+ years of experience in Detection Engineering, Security Content Development, or Threat Detection.
Strong hands-on experience with SIEM and detection platforms such as Splunk, CrowdStrike, Tanium, or Microsoft Defender.
Deep understanding of threat detection logic, security telemetry (endpoint, identity, network, cloud, SaaS), and adversary tradecraft.
Experience building security dashboards and visualizations used in operational SOC or fusion center environments.
Excellent documentation and communication skills, with the ability to collaborate across teams and operationalize detection strategies.