Sr. Detection Engineer, Sentinel | Remote, USA

Posted 14 Days Ago
Be an Early Applicant
Kansas
5-7 Years Experience
Security • Cybersecurity
The Role
The Sr. Detection Engineer will be responsible for creating, deploying, and managing Threat Detections using a Detection-as-Code approach. This role emphasizes automation, cloud security, effective communication, and collaboration aimed at enhancing client security through high-fidelity rules and rapid response to alerts.
Summary Generated by Built In

This position will be fully remote and can be hired anywhere in the continental U.S.

We are seeking a highly skilled and experienced Sr. Sentinel Detection Engineer to join our MSS Detection Engineering team. This Engineer will be responsible for the creation, deployment and management of Threat Detections within a Detection-as-Code methodology. This role will play a crucial part in the creation and maintenance of high-fidelity rules, enabling fast response times to triggered alerts, and ultimately enhancing the security posture of our clients.

How you'll make an impact:

  • Provisioning APIs for automation, security testing and threat detection.

  • Leveraging automation tooling to create efficiencies, scalability, and accuracy within a Detection-as-Code methodology.

  • Providing expertise with cloud security concepts, platform-specific security features, and cloud-based detection tools.

  • Use of code repos such as Bitbucket for centralized detection rule storage and management.

  • Communication skills to collaborate with security analysts, incident responders, and clients to effectively curate threat detections.

  • Git experience for the purpose of version control, collaboration, deployment, and integration with automation tools.

  • Understanding of incident response procedures, threat hunting methodologies, and how to collect and analyze forensic data.

  • Ability to parse and analyze log data from various sources (firewalls, applications, servers) to identify suspicious events and potential incidents is key for detection.

  • Experience with network protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), and how network traffic analysis can reveal malicious activity.

  • By gathering and analyzing information that's publicly available for the purpose of Threat Research, Identifying exposed assets, social engineering recon, and Monitoring brand reputation.

  • The use of regex for pattern matching and conciseness within threat detection queries.

  • Scripting languages like Python, PowerShell, or Bash for automating repetitive tasks, log analysis workflows, and basic security tools development.

  • Providing expertise in core security concepts (threat vectors, vulnerabilities, attack surfaces) and major security frameworks (MITRE ATT&CK, NIST CSF) crucial for designing and deploying effective detection strategies.

  • Proficiency in SIEM tool administration (such as Sentinel), allowing for proper log collection, analysis, and correlation of security events from various sources.

  • Strong knowledge of operating systems (Windows, Linux) is essential for understanding system logs, user activity, and potential security weaknesses.

  • By staying up to date on the latest threats, vulnerabilities, and attacker tactics, techniques, and procedures (TTPs) for proactive detection creation.

What we're hiring for:

  • In-Depth knowledge of Sentinel architecture and Cloud operations, and a detailed understanding of computer and network security.

  • 5+ years of experience with deploying and administrating Microsoft Sentinel (or comparable cloud-native next-gen SIEM).

  • 3+ years of experience creating, deploying and managing Threat Detections.

  • Microsoft Certified: Azure Security Engineer Associate, CISSP and similar level of industry certifications are highly desired.

  • Proficiency with MS Office and Internet Navigation. 

  • Excellent written and verbal communication skills. 

  • Outstanding time management and organizational skills. 

  • Ability to work independently and as part of a team.

What you can expect from Optiv

  • A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
  • Work/life balance
  • Professional training resources
  • Creative problem-solving and the ability to tackle unique, complex projects
  • Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
  • The ability and technology necessary to productively work remotely/from home (where applicable)

EEO Statement

Optiv is an equal opportunity employer (EEO). All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, status as an individual with a disability, veteran status, or any other basis protected by federal, state, or local law.

Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities. For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.

Top Skills

Bash
Powershell
Python
The Company
Denver, CO
1,988 Employees
On-site Workplace
Year Founded: 2015

What We Do

Optiv is a security solutions integrator – “one-stop” trusted partner with a singular focus on cybersecurity. Our end-to-end cybersecurity capabilities span risk management and transformation, cyber digital transformation, threat management, security operations, identity and data management, and integration and innovation, helping organizations realize stronger, simpler and more cost-efficient cybersecurity programs that support business requirements and outcomes. At Optiv, we are modernizing cybersecurity to enable clients to innovate their consumption models, integrate infrastructure and technology to maximize value, achieve measurable outcomes, and realize complete solutions and business alignment.

Jobs at Similar Companies

Invoice Home Logo Invoice Home

Senior Cloud Engineer

Fintech • Information Technology • Mobile • Software • Financial Services • Cybersecurity • SEO
Remote
Texas, USA
20 Employees
200K-250K Annually

Silverfort Logo Silverfort

Marketing Analyst

Information Technology • Sales • Security • Cybersecurity • Automation
Remote
United States
357 Employees

MacPaw Logo MacPaw

Senior Product Designer (New Product)

Information Technology • Security • Software • Cybersecurity • App development • Data Privacy
Remote
Hybrid
Kyiv, Kiev, UKR
550 Employees

Similar Companies Hiring

Invoice Home Thumbnail
Software • SEO • Mobile • Information Technology • Fintech • Financial Services • Cybersecurity
Austin, TX
20 Employees
MacPaw Thumbnail
Software • Security • Information Technology • Data Privacy • Cybersecurity • App development
Cambridge, MA
550 Employees
Silverfort Thumbnail
Security • Sales • Information Technology • Cybersecurity • Automation
GB
357 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account