Detection Engineer

📋 Description

• Design, develop, and maintain detection mechanisms across endpoint, network, and cloud environments.

• Create and fine-tune detection strategies utilizing tools such as CrowdStrike, Zscaler, SIEM platforms, and DLP solutions.

• Utilize Cyberhaven to establish and enhance detections related to data exfiltration and insider risks.

• Analyze logs and telemetry to identify attack patterns, anomalies, and emerging threats.

• Continuously enhance detection quality by minimizing false positives and improving signal fidelity.

• Collaborate with Incident Response and Security Operations teams to investigate alerts and refine detection methodologies.

• Develop and document detection use cases, playbooks, and workflows.

• Keep up to date with adversary tactics, techniques, and procedures (TTPs) and convert them into actionable detections.

• Contribute to detection automation and engineering projects aimed at enhancing scalability and efficiency.

⛳️ Requirements

• Strong expertise in Data Loss Prevention (DLP) tools and workflows such as CyberHaven and Microsoft Purview.

• Experience with CrowdStrike and Zscaler (or similar EDR and network security platforms).

• In-depth knowledge of Windows event logs and other relevant investigation artifacts.

• Experience with SIEM platforms, log management systems, and endpoint security tools.

• Strong analytical and critical thinking abilities with exceptional attention to detail.

• Capability to investigate complex security incidents and translate findings into detection enhancements.

• Excellent written and verbal communication skills, with the capacity to clearly articulate complex security concepts.

• Strong interpersonal skills and the ability to work collaboratively across security, IT, and engineering teams.

• Self-motivated with a mindset geared towards continuous improvement.

🏝️ Benefits

• We are proud to be an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.

• Datavant is committed to a work environment free from job discrimination.

• Datavant is dedicated to building a diverse team of Datavanters.