Job Details

ID #20116041
State Washington
City Seattle-tacoma
Job type Permanent
Salary USD TBD TBD
Source Uber
Showed 2021-09-23
Date 2021-09-10
Deadline 2021-11-08
Category Architect/engineer/CAD

Threat Detection Engineer

Washington, Seattle-tacoma, 98101 Seattle-tacoma USA

Vacancy expired!

About the Role

We are seeking a Threat Detection Engineer with technical depth, security intuition, and entrepreneurial spirit to join our Threat Defense & Response team! You'll collaborate with cross-functional teams to create innovative detection strategies and help develop a best-in-class threat detection program across multiple technology stacks. You will help build a larger external threat detection community benefiting security defenders small and large globally.

What You'll Do

Utilize big data, real-time streaming, and SIEM technologies to build and refine threat detections.
Build mechanisms that combine multiple detection signals to create higher fidelity threat detections.
Build and utilize data platforms and systems to enrich and enhance detection fidelity as well as drive for automated verification and containment.
Support the Security Response and Investigation team in high impacting events.
Work cross functionally to perform proactive Threat Hunting and Purple Teaming.

Basic Qualifications:

2+ years experience in a threat detection, threat hunting or intrusion analyst role
In-depth knowledge of security logging for Linux, macOS, or Windows
Experience building detection logic utilizing security logs to detect malicious activity with high fidelity across a broad set of detection use cases and environments.
In-depth knowledge of adversary capabilities, infrastructure, and techniques.
Experience with tools and techniques for analyzing large security datasets (Hive/Presto, ElasticSearch preferred)
Experience with at least one programming or scripting language (e.g., Python, Go, Java)

Preferred Qualifications:

Experience with Elastic Stack as a security platform
Experience with Hive/Presto
Experience with Phantom SOAR
Experience with AWS/GCP/Azure cloud providers
Experience with containerized workloads
Red Team/Penetration testing experience
