Job#: 3028544 Job Description: Client: Financial Services
Team: TBA
Job Title: Information Security Engineer 4 - Threat Detection Engineer (Contingent)Location: Charlotte, NC / Chandler, AZ / Minneapolis, MN / Dallas (Las Colinas), TX - HybridContract Length: 18mo
Pay Rate: $69 - $72Top Requirements:5+ years Information Security Engineering / Threat Detection Engineering / SOC / Incident Response experience, with 3+ years writing & tuning detections.Demonstrated ownership of full detection lifecycle: requirements design build tuning validation decommission.Hands-on experience with Splunk (SPL), CrowdStrike (custom IOA), Microsoft Defender, Sentinel (KQL).Experience detecting threats across Azure + Google Cloud Platform cloud environments.Strong understanding of MITRE ATT&CK, adversary TTPs, and detection gap analysis.Plusses:Experience with AIOps, adversary simulation tools (Atomic Red Team, Caldera, BAS platforms).Strong automation skills (Python / PowerShell) for detection pipelines.Experience in multi-tenant, multi-cloud, global enterprises.Experience building detection dashboards, runbooks, feedback loops with SOC.Experience with large datasets, log telemetry engineering, and cloud-native security controls.Job Summary:This senior Information Security Engineering role focuses on
Threat Detection Engineering for large-scale, multi-cloud enterprise environments. The engineer will design, build, tune, and validate detections across SIEM, EDR/XDR, cloud platforms, and identity systems. The role requires advanced threat understanding, strong detection lifecycle ownership, and high-fidelity detection development aligned with MITRE ATT&CK.
The engineer will partner with SOC, IR, logging/telemetry teams, cloud security, and platform engineering to strengthen threat visibility, reduce noise, and drive high-quality, actionable detection content. Automation, structured engineering processes, and an attacker-mindset approach are essential to success.
Day-to-Day Responsibilities:Detection Engineering (Core Focus)- Develop and tune detections across Splunk, CrowdStrike, Microsoft Defender, Sentinel (KQL).
- Interpret attacker TTPs and convert them into detection logic across SIEM, EDR, and cloud telemetry.
- Perform detection gap assessments and prioritize detections tied to emerging threats.
Threat & Attack Analysis- Map detections to MITRE ATT&CK; ensure enterprise TTP coverage.
- Track evolving threats (phishing, ransomware, cloud account compromise, identity abuse).
- Operationalize threat intelligence into actionable detections.
Detection Fidelity & Validation- Measure and improve signal fidelity (precision/recall).
- Conduct false-positive/negative analysis and refine rules.
- Use adversary simulation tools (Atomic Red Team, Caldera, BAS) to validate coverage.
- Maintain detection dashboards, metrics, and SOC feedback loops.
Data Engineering & Telemetry- Assess log quality and coverage across Windows, Sysmon, Linux, network telemetry, identity, cloud-native logs.
- Define requirements for new logs; work with infra teams to onboard/normalize sources.
Engineering & Automation- Use Python or PowerShell to automate detection testing, deployment, and reporting.
- Manage detection content through SDLC-like processes: Git, pull requests, staged releases.
- Support infrastructure-as-code patterns for security controls (nice-to-have).
EEO Employer
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or .
Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico. Apex uses a virtual recruiter as part of the application process. Click for more details.
Apex Benefits Overview: Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Apex team member can provide.
Never miss an opportunity! Create an alert based on the job you applied for.