Senior Detection Engineer

Chicago · Chicago · (chicago)Full-timesenior

SecurityOtherSecurity Detection EngineerCybersecurityDetection Engineer

0 views0 saves0 applied

Apply Now

Quick Summary

Overview

As our next Senior Detection Engineer, you won’t just be monitoring dashboards—you’ll be at the forefront of building our security operations as code.

Technical Tools

SecurityOtherSecurity Detection EngineerCybersecurityDetection Engineer

As our next Senior Detection Engineer, you won’t just be monitoring dashboards—you’ll be at the forefront of building our security operations as code. You will lead the charge in architecting scalable detection systems and developing the automation that defines how we protect our infrastructure. This is a technical, hands-on role combining security engineering, automation development, and strategic incident response where your technical decisions directly shape how we detect, investigate, and respond to threats at scale. You won’t just be managing alerts; you’ll be shaping the very trajectory of our security posture in a lean, engineering-first environment.

Design and deploy sophisticated detection logic across our entire technology stack using detection-as-code principles like YARA-L, Sigma, and KQL.

Build automated response workflows that independently enrich, triage, and remediate security alerts, effectively eliminating manual toil through advanced SOAR principles.

Investigate complex security signals—such as novel attack patterns or phishing campaigns—that require deep human judgment and strategic intuition.

Collaborate cross-functionally with DevOps and Security Engineering teams to adapt detection logic to infrastructure changes before security blind spots can emerge.

Leverage AI and LLMs as force multipliers to accelerate threat hunting, generate new detection hypotheses, and automate repetitive investigative tasks.

Lead post-incident reviews with engineering partners, transforming security findings into preventative architectural changes that harden our long-term defense.

Prototype and test emerging detection capabilities and data sources, ensuring we stay ahead of the threat landscape while participating in an on-call rotation to defend our most critical systems.

5+ years of hands-on experience in detection engineering, incident response, or security operations within high-growth technology environments.

Advanced programming proficiency in Python, with a proven ability to build production-quality security automations and custom integrations from scratch.

Deep expertise in Cloud Security (AWS), including a comprehensive understanding of IAM, VPC, CloudTrail, and Lambda attack vectors.

Mastery of detection logic in at least two major languages, such as YARA-L, Sigma, KQL, or SPL.

A track record of building SOAR workflows or equivalent automation platforms that measurably reduce operational overhead at scale.

Exceptional communication skills, with the ability to distill complex security risks into actionable insights and influence technical decisions across the organization.

Experience using AI/LLMs as a strategic tool for threat analysis, investigation automation, and increasing the velocity of security work.

A self-directed, engineering-first mindset, ideally with a background in SRE, DevOps, or platform engineering and a history of contributing to open-source security projects.