Cyber Security Detection Engineer

Black & Veatch Corporation invites applications for a Cyber Detection Engineer to join our cybersecurity team. The role focuses on designing and implementing advanced threat detection routines, assimilating open-source threat intelligence, generating actionable cyber threat intelligence, and leading incident response and remediation efforts.

This is a full‑time Staff position located at our headquarters. The Cyber Detection Engineer will work closely with the Business Enablement group, including Digital & Information Technology, Global Finance, Global Human Resources, Legal, Risk Management, and Government Affairs.

• Develop and maintain detection functions using telemetry from endpoint logs, cloud logs, email scanning, and sandbox analysis.
• Create and optimize detection components and functions (YARA rules, Sigma rules, SIEM hunts) to identify malicious activity.
• Expand telemetry and signal coverage while reducing noise to improve detection fidelity.
• Assimilate and operationalize open‑source threat intelligence feeds.
• Generate internal cyber threat intelligence reports and indicators of compromise (IOCs).
• Integrate threat intelligence into detection platforms to enhance visibility and response.
• Design and execute proactive threat hunting routines across enterprise environments.
• Identify anomalous behaviors and potential threats not detected by automated systems.
• Analyze security alerts and determine their impact and severity.
• Lead incident response efforts including containment, eradication, and recovery.
• Collaborate with SOC analysts and other stakeholders to ensure timely resolution.
• Develop and implement remediation plans for identified threats and vulnerabilities.
• Document findings and lessons learned to improve future detection and response capabilities.
• Contribute to the continuous improvement of security operations and detection engineering processes.

• 5+ years in cybersecurity with hands‑on experience in detection engineering, threat hunting, and incident response.

• Bachelor’s degree in Information Security, Computer Science, or a related field.
• Minimum 10 years of overall experience in Cyber Security, IT, Risk Assessments, and Privacy.
• Of the 10 years overall experience required, must have 5 years of experience in Governance, Risk and Compliance; and Privacy.
• At least 1 certification such as CISSP, CISM, CISA, CRISC, CIPP, or similar privacy certifications.
• Demonstrated experience applying security and risk frameworks, regulations and privacy such as NIST CSF/800‑53/800‑171, NERC CIP, CIS, CMMC, SOC2, GDPR, etc.
• Experience in developing security policies and standards, risk assessments, third‑party risk programs, risk management, risk registries, regulatory compliance, security awareness training and testing, security metrics, privacy, and other relevant GRC areas.
• All applicants must be able to complete pre‑employment onboarding requirements (background check, drug screen, motor vehicle records search).

• Proficiency in scripting languages (Python, Power Shell).
• Experience with SIEM platforms, EDR tools, and threat intelligence platforms.
• Familiarity with detection‑as‑code frameworks and telemetry analysis.

• Strong analytical and problem‑solving abilities.
• Excellent communication and collaboration skills.
• Ability to work independently and in cross‑functional teams.

• Must hold at least 1 certification such as CISSP, CISM, CISA, CRISC, CIPP, or similar privacy certifications.