Sr. Security Engineer

Sr. Security Engineer (Detection Engineering) will be leading the design, tuning and optimization of the Credit Union’s detection stack, helpful for safeguarding our networks and member data. This role is deeply technical and cross‑functional, responsible for designing, implementing, and ensuring control effectiveness of system security, information security controls, and processes to protect data, infrastructure and applications. The role is responsible for care and feeding of detection platforms (e.g. EDR, NDR), SIEM engineering, and SOAR automation and will apply Threat Intelligence, Security Architecture, and adversary simulation knowledge to mature our detection capabilities in alignment with the NIST CSF.

• Own the engineering and tuning of endpoint detection & response, network detection & response platforms
• Drive advancement and growth of detection and automation initiatives
• Build, test, and deploy behavioral detection solutions aligned to MITRE ATT&CK TTPs
• Continuously improve detection efficacy using business context and real‑world feedback
• Engineer and optimize detection pipelines in SIEM
• Author comprehensive runbooks, write automation scripts, and build SOAR capabilities to improve response times
• Build and maintain enrichment workflows and automated response playbooks using SOAR
• Create, maintain and manage a library of automated playbooks to address new threats and tactics employed by attackers
• Ensure telemetry normalization, parsing and alert fidelity across data sources
• Operationalize threat intelligence into actionable detection rules, dashboards, and response workflows.
• Lead red/blue teaming efforts to test detections against real‑world scenarios.
• Integrate external and internal threat feeds to strengthen signal correlation
• Apply STRIDE & DREAD methodologies to model risks associated with applications, systems and emerging threats
• Recommend and document compensating controls for identified risks
• Partner closely with Security Operations, Governance Risk & Compliance (GRC), and wider Engineering teams to enhance detection coverage
• Document information security design and architecture
• Mentor and cross‑train staff members in the areas of subject matter expertise
• Provide engineering support to Technology Operations implementing industry standard benchmarks and evaluation activities

• 5+ years Information Security with 3+ years focused on Detection Engineering, including EDR, NDR, SIEM, SOAR tooling
• Demonstrated knowledge and practical application of MITRE ATT&CK, STRIDE & DREAD models
• Strong scripting skills (Python, YAML etc.) and experience with data parsing and log normalization
• Industry certifications such as CISSP, GCTI, GCIA, GDSA or equivalent preferred
• Strong knowledge of the Cyber Threat landscape and ability to articulate and incorporate understanding of major threat categories, motivations and intent of adversaries
• Demonstrated knowledge and practical application of MITRE ATT&CK
• Experience in at least one programming language (Python, Go, C, C++) or deep expertise using low‑code automation tools or SOAR Platforms
• Experience building and scaling observability solutions
• Experience with Adversary emulation, continuous detection improvement and operational excellence
• Must be able to collaborate with other teams
• Clear verbal and written communication will be required