
Associate Principal Engineer, Detection & Response

Job in Granby, Hartford County, Connecticut, 06035, USA
Listing for: Unisys
Full Time position
Listed on 2025-12-23
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Security Manager, Network Security
Salary/Wage Range or Industry Benchmark: 60000 - 80000 USD Yearly
Job Description & How to Apply Below

What success looks like in this role:

  • Develop and Implement Custom Detections:
    • Design, develop, and maintain high‑fidelity detection rules, signatures, and analytics for a diverse array of enterprise security tools, including Security Information and Event Management (SIEM) systems, Endpoint Detection and Response (EDR) platforms, and Intrusion Detection Systems (IDS). The objective is to identify both known and emerging threats effectively.
    • Translate complex threat intelligence, sophisticated attack methodologies (e.g., leveraging the MITRE ATT&CK Framework), and vulnerability insights into precise, actionable, and automated detection logic.
    • Continuously tune and optimize existing detection mechanisms to significantly reduce false positives, enhance alert fidelity, and ensure a high signal‑to‑noise ratio, thereby minimizing alert fatigue for security analysts.
  • Perform Tier 3 Security Investigations and Proactive Threat Hunting:
    • Lead and conduct advanced, complex security investigations (Tier 3) escalated from lower tiers, encompassing root cause analysis, malware and indicator analysis, and recommending robust corrective measures to prevent future incidents.
    • Proactively conduct threat hunting activities across network, endpoint, and cloud environments to identify novel or hidden threats, subtle anomalies, and security gaps that may evade existing detection controls.
    • Collaborate closely with Incident Response (IR) teams to ensure effective communication, facilitate rapid response to detected threats, and integrate lessons learned into the development of new or refined detection capabilities.
  • Manage and Optimize MSSP Tier 1 & Tier 2 Operations:
    • Serve as the primary technical liaison for Managed Security Service Provider (MSSP) partners, providing expert guidance and strategic oversight for their Tier 1 and Tier 2 security monitoring and operational activities.
    • Ensure MSSP adherence to organizational security policies, detection standards, and incident escalation procedures, thereby contributing to the overall security posture.
    • Collaborate with MSSP teams on detection rule deployment, tuning, and validation, leveraging continuous feedback loops to enhance overall detection efficacy and reduce alert fatigue experienced by their analysts.
    • Review MSSP‑generated alerts and reports, providing constructive feedback and precise technical direction for continuous improvement in their detection and response capabilities.
  • Security Automation and Tooling:
    • Develop and maintain automation scripts and tools (e.g., Python, PowerShell, Bash) to streamline security detection operations, facilitate efficient data parsing, integrate disparate security tools, and enhance response capabilities.
    • Build, design, run, and troubleshoot playbooks within a Security Orchestration, Automation, and Response (SOAR) solution to automate incident response processes and significantly improve operational efficiency.
  • Documentation and Continuous Improvement:
    • Maintain comprehensive and up‑to‑date documentation of detection logic, configurations, incident response procedures, and investigation findings for robust knowledge sharing and auditing purposes.
    • Stay abreast of the latest security threats, vulnerabilities, attack vectors, industry trends, and emerging security technologies to proactively enhance detection measures and fortify digital boundaries.
You will be successful in this role if you have:
  • Technical Proficiency:
    • In‑depth understanding and practical experience with Security Information and Event Management (SIEM) systems (e.g., Splunk, Google Sec Ops) for log analysis, sophisticated rule creation, and dashboard development.
    • Strong knowledge of Endpoint Detection and Response (EDR) and Intrusion Detection/Prevention Systems (IDS/IPS).
    • Proficiency in scripting languages (e.g., Python, PowerShell, Bash) for automation, data manipulation, and custom tool development.
    • Solid understanding of network security, protocols, and traffic analysis.
    • Familiarity with threat intelligence platforms and frameworks (e.g., MITRE ATT&CK) to inform detection strategy and rule development.
  • Analytical and Problem‑Solving Skills:
    • Exceptional analytical skills to…
Position Requirements
10+ Years work experience