Senior Cybersecurity Engineer (Detection / IR)

Position Description

This exciting opportunity is a full-time, permanent role with Pellera Technologies. As a Senior Cybersecurity Engineer within the Cybersecurity Strategy & Defense practice, you will act as a trusted advisor to Pellera's client base. The Senior Engineer will provide expertise in administering technical service delivery efforts, specifically defensive cybersecurity operations to include proactive threat hunting, incident response and technical SOC leadership. The Senior Engineer will also be involved in deploying and customizing security solutions per the unique client environment requirements. We invest heavily in our team members growth with cross-technology training and certification training and, look forward to working with you!

Key Responsibilities

• Provide day to day support for enterprise level security solutions in the cloud such as SIEM, EDR, Vulnerability Management, etc
• Become the technical lead and conduit between client security operations and external SOC team
• Conduct proactive threat hunting across cloud and hybrid environments utilizing the MITRE ATT&CK framework
• Create and conduct threat modeling and adversary simulations to identify detection gaps and improve SOC coverage
• Manage and investigate alerts & incidents using EDR/XDR toolset
• Build complex queries and custom hunting use cases
• Conduct incident response, root cause analysis and post-incident reporting including collaboration with stakeholders and regulatory compliance team
• Troubleshoot product issues as they arise
• Evaluate and recommend new and emerging services and technologies

Knowledge & Competencies

• Strong proficiency in building, tuning and managing analytics rules, workbooks, hunting queries and playbooks
• Demonstrated experience conducting proactive threat hunting across cloud and hybrid environments using MITRE ATT&CK framework
• Solid understanding of log ingestion pipelines, normalization schemas (like ASIM), and data connector management within SIEM tools
• Deep familiarity with common attacker techniques, tactics, and procedures (TTPs), and the ability to translate them into high-fidelity detection logic
• Strong grasp of core networking protocols and security technologies, including DNS, TCP/IP, HTTP(S), TLS, IPSec, and firewalls

Education & Qualifications

• 5+ years of experience in a professional cybersecurity capacity
• 5+ years of experience working with SIEM (Azure Sentinel preferred) and EDR (Crowdstrike preferred) solutions
• Azure Security and Crowdstrike certifications are preferred
• Industry leading certifications are a plus, especially via GIAC / SANS

Work Environment

• Remote within the United States

Total Rewards

• We offer a comprehensive total rewards package that includes base salary, quarterly bonus, healthcare benefits, 401k match, PTO/holiday, training/development, promotional opportunity and so much more.