Detection Engineer

Job Description

Location:

Cincinnati, OH or Atlanta, GA. Hybrid 3 days per week. Not eligible for remote work. Visa sponsorship not available. Candidates must be a U.S. citizen or valid Green Card holder.

• Develop custom detection logic across SIEM, EDR, and other security tooling within a cutting‑edge technology stack.
• Leverage threat modeling, detection engineering frameworks, and other creative methods to produce high‑fidelity, investigation‑worthy alerting.
• Work closely with cross‑functional teams to create tailored, purpose‑built security content.
• Lead technical knowledge‑sharing sessions to empower teammates and stay on the forefront of content development and beyond.
• Possess a detection‑as‑code mindset to drive security content that is confidently deployed, continuously tested, and expertly tuned.
• Become immersed in our technology stack and logging to deliver solutions that push the boundaries of our security capabilities.
• Use this familiarity to present security teams with the most relevant data to make quick and accurate decisions.
• Stay current with the latest detection‑engineering techniques, threat tactics, and industry knowledge.
• Shape the future of our data‑science and advanced analytic efforts.

• Bachelor’s degree in computer science, information systems, or equivalent education/training/work experience.
• Three or more years of experience in detection engineering or related fields.
• Experience with cloud‑native data platforms, event streaming, and analytic engines.
• Knowledge of network design and data‑flow/pipelines.
• Strong understanding of security data lakes, SIEM, EDR, and interaction with SOAR.
• High proficiency with SIEM query languages and scripting languages (Python, R, Power Shell, SQL/KQL/LQL).
• Adaptability to new languages and technologies.
• Clean and thoughtful documentation to enable knowledge sharing and reference materials.
• Experience with Agile project‑development methodologies and incident case management.
• Familiarity with detection‑as‑code and implementing CI/CD in detection engineering.
• Ability to identify untapped value while possessing a consumer‑first mindset to build outstanding security content.
• In‑depth knowledge of security technologies (encryption, data protection, design, privilege access, etc.).
• Desired certifications: GSEC, GCIH, CISSP, or other security or network certifications.

Worldpay is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, genetic information, national origin, disability, veteran status, and other protected characteristics.
The EEO is the Law poster is available here.

Reasonable accommodations will be provided for individuals with qualified disabilities during the hiring process and to allow the individual to perform the essential functions of the job if hired.