More jobs:
Detection Engineer
Job in
Herndon, Fairfax County, Virginia, 22070, USA
Listed on 2026-06-18
Listing for:
Peraton
Full Time
position Listed on 2026-06-18
Job specializations:
-
IT/Tech
Cybersecurity
Job Description & How to Apply Below
Qualifications
- 2 years with BS/BA; 0 years with MS/MA; 6 years with no degree
- Clearance:
Active TS/SCI clearance. - Candidate must meet ONE of the following:
- Bachelor’s degree in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering; OR
- Relevant DoD/military training (examples: A‑531‑1900; DISA (521) Training;
Cyber Defense Infrastructure Support Specialist (Intermediate) Playlist); OR - Relevant professional certification or equivalent experience (examples: GMON, GRID, CEH, Cloud+, CySA+, GSEC, Pen Test+, Security+, SSCP).
- Required experience and skills:
- Detection engineering, SOC analytics, or security operations experience.
- Practical experience authoring correlation rules/signatures and analytic queries in one or more SIEM/analytics languages (e.g., KQL, SPL, Sigma, vendor‑specific).
- Familiarity with IDS/IPS signature development, EDR/endpoint detection, and OT/DCI telemetry characteristics.
- Hands‑on testing/tuning experience to validate detections, reduce false positives, and document operational runbooks.
- Ability to liaise with data engineering to specify ingestion and normalization requirements and validate telemetry fidelity.
- Strong documentation skills and capability to maintain versioned detection content and operational artifacts.
- Desired:
- Prior DoD/ARNG or enterprise SOC/NOSC detection engineering experience.
- Experience mapping detections to MITRE ATT&CK and integrating CTI/CDAP/CHAP inputs into use‑case prioritization.
- Familiarity with automated testing frameworks, SOAR integrations, and detection performance metrics (precision/recall, MTTD).
#ENOCS
We are seeking a highly skilled and innovative Detection Engineer to join our team in the greater DMV area, supporting the Army National Guard.
Responsibilities- Develop and maintain detection logic across SIEM, IDS/IPS, endpoint, and OT/DCI monitoring platforms: correlation rules, signatures, and behavioral analytics.
- Translate threat intelligence, CDAP findings, CHAP results, and vulnerability data into detection use cases, dashboards, and alerting content.
- Test detection rules in lab and sample datasets to verify functionality, tune for false‑positive reduction, and validate operational readiness.
- Document detection logic, metadata, versioned content, and change histories to support operational tracking and auditability.
- Collaborate with SOC and NOSC analysts to tune alerts, refine rule logic, and validate detections against observed activity.
- Update runbooks, produce tuning notes, and support analysts during triage and validation workflows.
- Coordinate with data engineers to ensure ingestion, normalization, and field mappings for high‑value telemetry sources.
- Review telemetry quality, identify gaps in coverage, and report issues that affect detection visibility.
- Contribute to continuous improvement by iterating detection content, refining workflows, and adopting new defensive techniques.
#ENOCS
#J-18808-LjbffrTo View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×