Staff Threat Detection Engineer
Chainalysis (Blockchain, FinTech)
Remote - USA | Full-Time | Staff
Salary not disclosed
Job Details
- Experience: 8+ years
- Required Skills: AWS, Python, SQL, Bash, GCP
Requirements
- 8+ years of experience in detection engineering, SOC, or incident response at scale
- Deep expertise in building and tuning detections within SIEM, EDR, and log analytics platforms
- Advanced proficiency in writing complex detection queries (e.g., KQL, SPL, SQL)
- Demonstrated experience detecting modern attacker TTPs across endpoint, identity, and cloud environments
- Strong scripting skills (Python, Bash) for automation and enrichment
- Proven ability to lead cross-functional security initiatives with IT and Engineering stakeholders
Responsibilities
- Lead the end-to-end roadmap for corporate threat detection, mapping coverage against frameworks like MITRE ATT&CK
- Design and maintain scalable detection logic across SIEM, EDR, and cloud logging platforms (AWS/GCP)
- Plan and execute hypothesis-driven hunting campaigns to uncover novel TTPs and turn findings into durable controls
- Lead threat assessments and design reviews for new technology onboarding and product design changes
- Partner with Incident Response to refine alert quality, automate triage playbooks, and reduce time-to-containment
- Provide technical leadership and mentorship to the DaRE team
- Influence product teams to improve visibility and remediate gaps