Position Overview:
We are seeking a hands-on Cybersecurity Detection Engineer with strong experience in SIEM-based detection engineering, data analysis, and algorithm development. This role is ideal for someone with 3-5 years of solid, applied experience who thrives in a collaborative, technically rigorous environment and is eager to grow deeper expertise across cybersecurity, data, and applied analytics.
This is not a purely data science or software development role. Success in this position requires practical detection engineering experience, comfort working directly in SIEM platforms, and the ability to analyze large data sets to solve real security problems across enterprise networks, SaaS platforms, cloud, and on-prem environments.
As part of a highly collaborative detection engineering team, you will:
Design, build, and tune detections by writing correlations, algorithms, and Python scripts using security telemetry and enterprise data sources.
Work hands-on in SIEM and detection platforms (Splunk and/or similar), configuring rules, tuning alerts, and improving signal quality.
Analyze large data sets by querying databases (SQL or similar), joining multiple data sources, and determining which data is meaningful for detection.
Research threat scenarios and determine required data sets in partnership with Analysts, Focus Area Leads, and other SMEs.
Integrate new data feeds by reviewing documentation, assessing readiness, documenting feed attributes, and supporting onboarding efforts.
Test, onboard, and operationalize alerts through defined team processes, including micro-playbook development and SOAR-related activities.
Investigate security events by digging into raw data, validating detections, and understanding network, endpoint, and cloud behaviors.
Document detections, integrations, and processes clearly so knowledge is shared across the team.
Continue expanding your technical breadth, including applied data analysis, detection engineering techniques, and emerging automation approaches.
A successful candidate will be able to:
Take a security problem or integration from concept to deployment.
Write Python scripts to connect data sources, ingest data, build correlations, and generate actionable detections.
Understand the data behind detections: what's populated, what's missing, and what needs improvement.
Work efficiently with a high-performing team, sharing knowledge rather than operating in isolation.
Deliver practical algorithms and tuned detections that improve enterprise security outcomes.
Required Qualifications
3-5 years of professional experience in cybersecurity, detection engineering, or a closely related technical role.
Proven experience working hands-on in a SIEM, including writing and tuning detection rules (Splunk or similar).
Strong Python skills used in real-world environments (not just academic exposure).
Solid experience with data analysis and querying, including SQL and working with large data sets.
Experience joining data, analyzing patterns, and determining relevance for threat detection.
Understanding of network security fundamentals and how enterprise environments are defended.
Strong communication skills and the ability to clearly explain technical work to teammates.
A collaborative mindset: success is measured by team outcomes, not individual visibility.
Preferred / Nice-to-Have Qualifications
Experience with CRIBL, Palo Alto XSIAM, or similar security data platforms.
Experience with Databricks, Apache Spark, or large-scale analytics environments.
Exposure to applied AI or machine learning in cybersecurity contexts (e.g., anomaly detection, behavioral analytics, threat hunting).
Background in Computer Science, Data Science, Engineering, or a similar technical discipline.
Prior experience in regulated or large enterprise environments (e.g., financial services, telecom).
- Dice Id: cxbcsi
- Position Id: Job44615
- Posted 1 day ago