Detection Engineer

Job description

Basic Function We are hiring a Detection Engineer to sit at the intersection of security operations and security engineering. This is not a traditional SOC analyst seat. AI-driven triage and SOAR platforms now handle the bulk of routine alert processing, and the analysts who thrive in the modern SOC are the ones who build the detections those platforms execute, author the automation playbooks that accelerate response, and hunt proactively for threats that evade automated pipelines. You will own the full detection lifecycle—from threat intelligence intake and hypothesis formation through rule authoring, testing, deployment, and continuous tuning. You will also design and maintain SOAR playbooks and integrations that keep the SOC operating at machine speed, and you will serve as a hands-on incident responder when complex or novel threats demand human judgment and coordinated response. This role operates with a high degree of autonomy. There is no daily task list handed to you — you are expected to self-direct priorities, identify gaps, and drive improvements without managerial prompting. Candidates who thrive here are self-directed, comfortable defining their own work, and consistent...