×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer

Cybersecurity Senior Engineer – Threat Engineering Detection Team

Job in Charlotte, Mecklenburg County, North Carolina, 28245, USA
Listing for: Truist
Full Time position
Listed on 2026-01-12
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 100000 - 125000 USD Yearly USD 100000.00 125000.00 YEAR
Job Description & How to Apply Below

The position is described below. If you want to apply, click the Apply Now button at the top or bottom of this page. After you click Apply Now and complete your application, you’ll be invited to create a profile, which will let you see your application status and any communications. If you already have a profile with us, you can log in to check status.

Need Help?

If you have a disability and need assistance with the application, you can request a reasonable accommodation. Send an email to Accessibility (accommodation requests only; other inquiries won’t receive a response).

Regular or Temporary: Regular

Language Fluency: English (Required)

Work Shift: 1st shift (United States of America)

Please review the following job description

Seeking a highly skilled Senior Threat Detection Engineer to design, develop, and optimize enterprise-grade detection capabilities across our security platforms. This role demands deep expertise in detection engineering, data pipelines, and advanced analytics combined with proven experience working in highly regulated industries. A critical requirement for this position is hands‑on expertise with Anvilogic, including detection‑as‑code, multi‑platform orchestration, and coverage analytics.

The role requires practical experience with Splunk, Snowflake/Snowpipe for data ingestion and detection development, and forward‑looking familiarity with Cribl /Databahn for scalable telemetry routing and enrichment. The ideal candidate will bring both technical mastery and a strategic mindset, helping our organization stay ahead of evolving adversary tactics.

Essential Duties and Responsibilities

Detection Engineering :
Design, develop, and maintain high‑fidelity detections across Splunk, Snowflake, and related platforms.

Content Development :
Author SPL‑based detections (Splunk) and SQL‑based queries (Snowflake, MySQL, Postgre

SQL, SQL Server).

Snowflake Engineering:

  • Design and optimize queries within Snowflake for detection logic and threat hunting.
  • Configure and maintain Snowpipe pipelines for real‑time and batch ingestion of security‑relevant data.
  • Partner with data engineering to ensure schema design and ingestion pipelines support scalable detection use cases.

Pipeline Engineering (Future State):

  • Design and maintain integrations with Cribl/Databahn (or similar platforms) for log routing, transformation, and observability pipeline efficiency, telemetry enrichment, normalization, and cost‑optimized data movement.

Platform Administration :
Provide administrative expertise for Splunk and Snowflake environments, ensuring resilience, scalability, and performance.

Threat Modeling & Framework Alignment :
Map detections to the MITRE ATT&CK framework to ensure comprehensive threat coverage.

>
Anvilogic‑Driven Detection Engineering:
  • Use detection‑as‑code workflows for structured creation, testing, and deployment of detections.
  • Leverage Anvilogic content packs and extend/customize them for organization‑specific threats.
  • Orchestrate multi‑platform detection deployment across Splunk, Snowflake, and other SIEM/data lake platforms.
  • Apply coverage analytics within Anvilogic to identify detection gaps and validate against MITRE ATT&CK.
  • Manage the full lifecycle of detections including creation, validation, deployment, tuning, and retirement within Anvilogic.
  • Collaborate with SOC and IR teams to streamline workflows and reduce false positives using Anvilogic‑driven integration.

Regulatory Alignment :
Engineer detection solutions with compliance in mind (e.g., PCI‑DSS, HIPAA, SOX, GLBA).

Collaboration :
Partner with SOC, IR, Threat Intel, Red/Purple, Continuous Security Validation, and Data Engineering teams to validate detections, minimize false positives, and strengthen visibility.

Qualifications

Required Qualifications
  • Bachelor’s degree and eight years of experience in systems engineering or administration or an equivalent combination of education and work experience.
  • Deep specialized and/or broad functional knowledge in applied enterprise information security technologies including but not limited to firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search