Cyber Threat Detection & Response Engineer

What You'll Do:

• Proactively hunt for hidden threats across endpoints, networks, cloud, and applications.


• Proactively create detection rules to alert SOC analysts of intrusions against customer networks.

• Assist with tuning and enhancing existing detection rules to better defend against evolving threats.

• Develop and execute hypotheses-driven threat hunting campaigns using security data and intelligence.


• Analyze large volumes of log, endpoint, and network data to uncover anomalous or malicious activity.


• Research and track adversary TTPs and leverage frameworks such as MITRE ATT&CK.

• Collaborate with Detection Engineering to refine detection rules, signatures, and playbooks to improve threat detection.


• Collaborate with Incident Response and SOC teams to investigate and contain security incidents.


• Provide technical mentorship to junior threat hunters and SOC analysts.
Partner with Threat Intelligence to operationalize indicators and adversary insights.

• Contribute to continuous improvement of detection engineering and hunting methodologies.

• Regularly engage with internal account teams and customers to help strengthen their security posture, identify weaknesses, report on findings, and report on detection strategies.

• Provide technical insight to internal account teams and customers as needed.

What You've Done:

• U.S. citizenship is required

• 4+ years of experience in cybersecurity, with at least 2 years focused on threat hunting or detection engineering.

• History of independently building custom behavior-based and/or threshold-based detections in customer environments from scratch.

• Experience building detections in SentinelOne, Elastic, or CrowdStrike platforms.

• Capable of independently identifying and tuning flaws in existing detections to reduce noise.

• Experience independently building and performing hypothesis-driven threat hunts in customer environments.

• Capable of clearly and concisely reporting findings from threat hunts.

• History of meeting with customers to explain detections and threat hunt findings to senior leadership teams.

• Experience working with and mapping detections to the MITRE ATT&CK framework.

• Background knowledge in the cyber threat landscape, including threat actors, malware, and evolving TTPs.

• Experience working with cyber threat intelligence analysts/teams to identify new detection opportunities.

• Proficiency with SIEMs, EDR/XDR platforms, and log analysis tools.

• Experience with scripting languages (Python, PowerShell, etc.) for scripting purposes.

• Enjoy working in a team environment.

• Willingness to learn from more senior team members while mentoring junior team members.

Preferred Qualifications:

Experience with pentesting or red teaming.
Experience with reverse engineering.
GIAC Threat Hunting (GCTH), Certified Enterprise Defender (GCED), or Certified Intrusion Analyst (GCIA) certification(s)

What We Offer:

401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed  
Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)  
Group Term Life, Short-Term Disability, Long-Term Disability  
Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness  
Participation in the Discretionary Time Off (DTO) Program  
11 Paid Holidays Annually