Detection Engineer

Job description

Responsibilities We are seeking a highly skilled and innovative Detection Engineer to join our team in the greater DMV area, supporting the Army National Guard. Responsibilities: - Develop and maintain detection logic across SIEM, IDS/IPS, endpoint, and OT/DCI monitoring platforms: correlation rules, signatures, and behavioral analytics. - Translate threat intelligence, CDAP findings, CHAP results, and vulnerability data into detection use cases, dashboards, and alerting content. - Test detection rules in lab and sample datasets to verify functionality, tune for false‑positive reduction, and validate operational readiness. - Document detection logic, metadata, versioned content, and change histories to support operational tracking and auditability. - Collaborate with SOC and NOSC analysts to tune alerts, refine rule logic, and validate detections against observed activity. - Update runbooks, produce tuning notes, and support analysts during triage and validation workflows. - Coordinate with data engineers to ensure ingestion, normalization, and field mappings for high‑value telemetry sources. - Review telemetry quality, identify gaps in coverage, and report issues that affect detec...