What are the responsibilities and job description for the Threat Detection Engineer position at Insight Global?
Required Skills & Experience
- 5 years in a cyber security engineering position, ideally 8 years overall working in IT security
- 3 years of experience working in detection engineering and threat hunting
- Can write scripts for infrastructure as code (Python, Terraform) for maintaining cloud environments
- Experience with MITRE ATT&CK and D3FEND
- Experience with red team engineering and penetration testing
- Can translate cyber and technical issues into risk-informed solutions
- Must go onsite in Herndon, VA 1x per week
Job Description: This position is for our large cloud software client. In this role, the Threat Detection Engineer would spend their day leveraging their extensive technical cybersecurity experience to protect and enhance the organization's security posture. They would utilize their expertise in detection engineering, threat hunting, and incident response to identify and mitigate potential threats. This involves operationalizing cyber threat intelligence into high-fidelity detection logic and systematically developing and testing this logic against adversarial tactics, techniques, and procedures (TTPs). They would analyze logs from various sources, such as endpoints, applications, network appliances, and cloud environments, to detect anomalies and potential security incidents. With a strong understanding of cybersecurity fundamentals at the network, protocol, and host levels, they would use frameworks like MITRE ATT&CK and D3FEND to improve detection and response strategies. Additionally, they would employ SIEM platforms to monitor and respond to security incidents and proactively hunt for threats using investigative tools, techniques, and user behavior analysis.
Compensation: $63/hr to $65/hr. Exact compensation may vary based on several factors, including skills, experience, and education.
Salary: $63 - $65