About the Role
We're hiring a Detection Engineer to design, build, and validate detection rules informed by real adversary tradecraft. You'll work closely with our red and purple teams to turn attack research into defensive capability.
Responsibilities
- Develop detection rules and hunting queries for SIEM/EDR platforms
- Validate detections against real attack simulations
- Collaborate with red team operators to understand emerging TTPs
- Maintain and improve detection-as-code pipelines
- Document detection coverage and identify gaps
Requirements
- 2+ years of experience in detection engineering or SOC analysis
- Proficiency with at least one SIEM platform (Splunk, Sentinel, Elastic)
- Understanding of common attack techniques and MITRE ATT&CK
- Experience writing detection logic (Sigma, KQL, SPL)
- Familiarity with log sources across Windows, Linux, and cloud
Nice to Have
- Experience with detection-as-code workflows (CI/CD for detections)
- Purple team or threat hunting experience
- Scripting skills (Python, PowerShell)
- Offensive security background
What We Offer
- A role that bridges the gap between offense and defense
- Daily collaboration with world-class red teamers
- Competitive salary and benefits
- Flexible working arrangements
- Continuous learning and development opportunities