157 threat detection engineer jobs at 118 companies in United States
4d
Save
Mark Applied
Hide
4d
Senior Threat Detection Engineer
Houston, Texas, United States
HybridFull Time
MacquarieASX: MQG: Global financial group providing investment, banking, and advisory services.
3+ YOE3–5 years in detection engineering or incident response; strong SIEM and threat hunting experience; detection-as-code, Git and CI/CD experience; knowledge of MITRE ATT&CK and cloud/security tooling.
MITRE ATT&CK, Splunk ES, Google SecOps, Sumo Logic, Git, GitHub, Bitbucket, CloudBees, AWS, Azure, GCP, GitHub Copilot, Claude Code
SalesforceNYSE: CRM: Sells cloud-based customer relationship management and business software solutions.
6+ YOE6+ years experience in threat detection/hunting or incident response; expertise in log correlation and complex query languages (SPL, YARAL); experience with SIEM/EDR/NDR/SOAR and cloud security; related technical degree required.
CrowdStrikeNASDAQ: CRWD: Provides cloud-native endpoint protection and cybersecurity services.
4+ YOEAbility to analyze malware and intrusion telemetry, author behavioral detections for Windows endpoints, use Python/PowerShell for automation, and collaborate with threat intelligence; U.S. citizenship or green card required for CJIS eligibility.
FiservNew York Stock Exchange: FI: Provides financial technology and payment processing services to institutions.
8+ YOE8+ years in cybersecurity/detection engineering with SIEM/SOAR, scripting (Python/SQL/PowerShell/Bash), EDR/IDS/NDR/UEBA/DLP/WAF experience, API integrations, MITRE ATT&CK application; bachelor\u0002s degree or equivalent.
United States or Charleston or Australia or Canada or United Kingdom
$102k-$133k/yrRemoteFull Time
BlackbaudNasdaq: BLKB: Provides software for nonprofits and social impact organizations.
5+ YOE5+ years security engineering/analysis and 5+ years IT/networking experience. Strong Linux/Unix and Windows skills, public cloud (preferably Microsoft Azure), SIEM, scripting (PowerShell, Perl, Python, Bash), packet analysis, APIs, and familiarity with NIST and MITRE ATT&CK.
SIEM, Security Orchestration and Automated Response (SOAR), PowerShell, Perl, Python, Bash, Microsoft Azure, Linux, Unix, Windows, APIs, NIST, MITRE ATT&CK
TargetNYSE: TGT: Operates a chain of general merchandise stores and supermarkets.
5+ YOE5+ years cybersecurity experience (3+ years developing detections); 4-year degree or equivalent; experience with SIEM/EDR, cloud security (AWS/GCP/Azure), scripting (Python, PowerShell, Bash), and detection engineering using MITRE ATT&CK.
ICFNASDAQ: ICFI: Provides strategic consulting and technology services to global organizations.
10+ YOEActive high-level security clearance,10+ years cybersecurity/IT experience, expertise in threat detection, incident response, network analysis, big data technologies, dashboard development, and analytics.
WHOOP: Providing wearable health trackers and physiological performance analytics.
4+ YOE4+ years in information security with focus on detection engineering, threat detection, or security operations; experience writing/tuning detections across cloud, identity, endpoint, or applications; strong scripting; familiar with detection tools (YARA, SIGMA, Suricata).
cFocus Software: Provides cybersecurity compliance and enterprise IT services for government.
3+ YOEActive Public Trust clearance, BS in CS/IT or related, 3+ years threat hunting/adversary emulation, experience querying large datasets, Python and PowerShell scripting, and detection development in SIEM (Splunk ES or Microsoft Sentinel).
Python, PowerShell, Splunk ES, Microsoft Sentinel, SIEM
Northwestern Mutual: Provides life insurance and financial planning services to individuals.
5+ YOE5+ years in threat intelligence/hunting/detection engineering; strong scripting (Python), SIEM/EDR experience, REST API and automation skills, MITRE ATT&CK knowledge, ability to communicate technical findings.
6+ YOESenior cybersecurity professional with 6+ years experience in offensive and defensive security, vulnerability management, threat detection, incident response, cloud and infrastructure security, scripting (PowerShell, Python, JavaScript), and integrating automation and SIEM/SOAR tooling.
PowerShell, Python, JavaScript, MITRE ATT&CK, NIST CSF, ISO27001, Center for Internet Security, OWASP, CI/CD, Security Orchestration Automation and Response, Security Information and Event Management, Vulnerability Scanning, Security Threat Feeds, Red Team Tooling
Threat Detection and Vulnerability Managment Cybersecurity Engineer
Washington, District of Columbia, United States
OnsiteFull Time
InquisIT: Provides IT services and cybersecurity for federal government agencies.
8+ YOEHands-on experience in vulnerability management, threat detection, penetration testing, and implementing federal cybersecurity frameworks; 8+ years cybersecurity engineering experience and strong communication.
Tenable, Nessus, Qualys, Rapid7, SIEM, EDR/XDR, Burp Suite, Metasploit, Nmap, Kali Linux, CrowdStrike Falcon, Microsoft Defender, Microsoft Sentinel, Elastic (ELK), Splunk, AWS, Azure, PowerShell, Python, Bash, MITRE ATT&CK, NIST RMF, NIST 800-53, DISA STIGs
Quzara: Managed cybersecurity operations and federal compliance advisory services.
Experience onboarding customers into SIEM/XDR/MDR platforms; hands-on with Microsoft Defender XDR and Purview; FedRAMP/FISMA/CMMC experience; data integration; customer-facing documentation.
Microsoft Defender XDR, Microsoft Purview, Microsoft Sentinel, Azure, KQL, Azure Logic Apps, Power Automate, SIEM, Splunk, QRadar, Elastic, Chronicle, CrowdStrike, SentinelOne, AWS CloudTrail, GuardDuty, Syslog, Logstash, Fluentd