Cyber Operations Senior Detection Engineer

ABOUT ROLE

The Senior Detection Engineer is a technical specialist within the Global Security Operations Centre (GSOC), based in Gaithersburg, Maryland, working with the Director, Cyber Security Detection Engineering. The role is characterised by leadership of detection content development initiatives that protect enterprise assets across cloud, on‑premises, and OT/ICS environments. Responsibility is held for the design, implementation, and optimisation of detection logic through which threats are identified, investigated, and mitigated with precision and efficiency.

• Detection engineering initiatives: oversee detection engineering efforts across multiple projects spanning threat coverage, detection logic development, and efficacy validation; technical guidance is provided to ensure that detection capabilities address the most significant threats across all technology domains.
• Advanced detection frameworks and methodologies: implement detection engineering frameworks to enhance the organisation's defensive posture through improved threat coverage, reduced false positives, and accelerated threat identification; industry guidelines for detection engineering are adopted and tailored to organisational requirements.
• Enterprise‑wide detection content library development and management: design and optimise detection libraries to ensure comprehensive coverage of adversary tactics, techniques, and procedures as defined by frameworks such as MITRE ATT&CK; detection logic is developed that balances sensitivity with operational efficiency.
• Detection development oversight: provide technical guidance of detection development operations including coordination with external suppliers and platform vendors for comprehensive threat coverage; detection performance is monitored and issues are called out and resolved in collaboration with relevant collaborators.
• Proactive detection development and coverage management: proactively expand detection coverage through periodic assessments of threat landscape evolution, detection gaps, and emerging attack techniques; critical coverage deficiencies are identified and resolution is driven through systematic detection development.
• Stakeholder management: maintain engagement with security leadership to communicate emerging detection requirements driven by threat intelligence and incident findings; strategic action plans are proposed for addressing coverage gaps and enhancing detection capabilities.
• External partner relationship management: maintain and develop relationships with external partners, threat intelligence providers, and industry peers to identify innovative detection approaches and emerging techniques applicable to enterprise defence.

• Technical guidance and expertise: support the definition of detection standards, development methodologies, and quality frameworks within the detection engineering domain; critical detection failures are addressed through deep technical knowledge and systematic analysis.
• Continuous improvement: find opportunities to improve and enhance the performance of detection logic, reduce false positives, and improve threat identification accuracy; opportunities for detection automation and orchestration are pursued proactively.
• Implement innovative detection engineering solutions: identify and manage new detection engineering solutions including adoption of new detection techniques, behavioural analytics, and machine learning approaches; training and organisational change activities are led to ensure successful adoption.
• Technical guidance and mentorship: provide ongoing technical guidance and mentoring to detection engineering team members and security analysts regarding detection logic development, threat hunting techniques, and effective use of detection platforms.
• Maintain training and awareness materials: develop and maintain training and awareness materials regarding detection engineering practices, threat actor TTPs, and effective investigation methodologies; knowledge is shared to enable security operations teams to leverage detection capabilities effectively.

• Detection…