Threat Detection Engineer

  • San Antonio, TX
  • Posted 3 hours ago | Updated 3 hours ago

Overview

On Site
$50+
Contract - Independent
Contract - W2
Contract - 6 Month(s)

Skills

Threat & Vulnerability Management
Security Information and Event Management
SIEM
Cybersecurity Careers
Cyber Threat Hunting (CTH)
Threat Analysis
EDR
Phishing
Cybersecurity
Malware Detection
Threat Detection
MITRE
ATT&CK
malicious
malware
ransomware
insider threats
cyber attacks
DDoS attacks

Job Details

Detection Engineer

Location: Onsite San Antonio, TX

Duration: 6+ Months (11/20/2025 to 06/05/2026)

Experience Required: 6+ Years

Job Description:

We are seeking an experienced Detection Engineer to design, develop, and maintain advanced threat detection systems that strengthen organizational security posture. The role involves crafting detection logic, integrating telemetry from multiple sources, and implementing detection-as-code principles to enhance threat identification and response capabilities.

________________________________________

Roles & Responsibilities:

  1. Design, build, and maintain detection systems, including writing and optimizing detection rules.
  2. Analyze security logs, research emerging threats, and refine detection logic for improved accuracy.
  3. Integrate telemetry from various data sources and map detections to frameworks such as MITRE ATT&CK.
  4. Develop and enhance detection rules, logic, and models for SIEM, EDR, and cloud-native platforms.
  5. Investigate alerts, analyze logs, and process raw data to identify potential malicious activities while minimizing false positives.
  6. Implement detection-as-code practices using version control and CI/CD pipelines for automated testing and deployment.
  7. Collaborate with threat hunting, security operations, and engineering teams to strengthen overall detection coverage.
  8. Maintain a centralized library of detection rules and playbooks to promote consistency and operational efficiency.

________________________________________

Required Skills & Qualifications:

  • 6+ years of experience in Cybersecurity, Threat Detection, or Security Engineering.
  • Hands-on experience with SIEM platforms (e.g., Splunk, QRadar, Azure Sentinel) and EDR solutions.
  • Familiarity with MITRE ATT&CK framework and detection engineering best practices.
  • Strong proficiency in scripting languages (Python, PowerShell, or similar) for automation.
  • Experience with CI/CD pipelines, version control (Git), and detection-as-code principles.
  • Excellent analytical, troubleshooting, and problem-solving skills.
  • Strong written and verbal communication skills, with the ability to collaborate across teams.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions, and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

About MethodHub