
Detection Engineer
Posted 2 days ago

This is a fully remote position, open to applicants in the United States.
• Design, develop, and sustain detection logic across endpoint, network, and cloud platforms.
• Create and optimize detections utilizing tools such as CrowdStrike, Zscaler, SIEM systems, and DLP solutions.
• Utilize Cyberhaven to develop and enhance data exfiltration and insider risk detections.
• Examine logs and telemetry to uncover attack patterns, anomalies, and emerging threats.
• Continuously enhance detection quality by minimizing false positives and increasing signal fidelity.
• Collaborate with Incident Response and Security Operations to investigate alerts and refine detection methodologies.
• Create and document detection use cases, playbooks, and workflows.
• Stay updated on adversary tactics, techniques, and procedures (TTPs), translating them into actionable detections.
• Contribute to detection automation and engineering projects to enhance scalability and efficiency.
• Strong experience with Data Loss Prevention (DLP) tools and workflows such as Cyberhaven and Microsoft Purview.
• Familiarity with CrowdStrike and Zscaler (or similar EDR and network security platforms).
• In-depth understanding of Windows event logs and other relevant investigative artifacts.
• Experience with SIEM platforms, log management systems, and endpoint security tools.
• Strong analytical and critical thinking abilities, with exceptional attention to detail.
• Capability to investigate complex security incidents and translate findings into detection enhancements.
• Excellent written and verbal communication skills, with the ability to clearly articulate complex security concepts.
• Strong interpersonal abilities and the capacity to collaborate effectively across security, IT, and engineering teams.
• Self-motivated with a mindset focused on continuous improvement.
• We are proud to be an Equal Employment Opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.
• Datavant is committed to maintaining a work environment free from job discrimination.
• Datavant is dedicated to building a diverse team of Datavanters.