×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer

Sr Detection & Automation Engineer

Job in Milwaukee, Milwaukee County, Wisconsin, 53205, USA
Listing for: Northwestern Mutual
Full Time position
Listed on 2026-01-13
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Job Description & How to Apply Below

What's the role?

Are you passionate about cybersecurity and eager to lead a team in protecting an organization from cyber threats? We are looking for a Senior Detection & Automation Engineer to join our Enterprise Cybersecurity team. In this role, You will take charge of developing and maintaining security automation playbooks and ensuring our detection systems are top-notch, managing security tools and infrastructure, designing efficient automation processes, and leading blue team exercises.

Primary Duties & Responsibilities

  • Leadership:
    The Senior Detection & Automation Engineer is a leader within the Enterprise Cybersecurity with the expectation to guide and mentor more junior members. This includes overseeing the work performed by junior engineers, mentoring their technical educational activities, freely sharing knowledge, and testing techniques.

  • Security Detection Engineering:
    Prioritizes and builds detection rules for the SIEM platform to identify malicious activities based on knowledge of the inner workings of cyber-attacks. Develops, maintains, and ensures the proper documentation of detection logic, rules, and alerts. Enhances and improves data quality from external sources in the SIEM by understanding the current best state of detection engineering and integration practices.

  • Blue Team:
    Accountable for assisting in the design and implementation of blue team exercises including independently leading components of the exercise.

  • Security Research:
    Accountable for regularly monitoring the security community for, and researching, the latest assessment and exploit methodologies. This work is concluded by sharing the information back to the team in the form of newly written tools and/or attack techniques via informal internal training sessions.

  • Reporting:
    Accountable for preparing and delivering the highest quality security information that comprehensively and clearly explains risk, demonstrates findings, and offers tactical and strategic recommendations to both technical and non-technical internal clients.

  • Communication:
    Effective and professional communication of a variety of topics, including technical and non-technical information, to a wide variety of internal and external customers including leadership from across the organization.

  • Ad Hoc Incidents:
    Accountable for working with the security operations center, incident responders, and technology infrastructure, and development teams as necessary.

  • Metrics:
    Accountable for working with select team members to track, monitor, and report testing results in a meaningful way so that risk-based security metrics are delivered to the enterprise.

  • Training:
    Attend training to stay current with technology and security trends. Incorporates learnings from training to improve organizational technology and processes.

  • Perform other duties as assigned.

Qualifications

  • Educational Background:
    Bachelor's degree in computer science, Cybersecurity, Information Technology, or a related field. A master’s degree is a plus.

  • Splunk or SIEM Related Systems:
    Proficiency in using Splunk or other SIEM platforms is essential. This includes the ability to create, manage, and optimize detection rules and alerts within these systems.

  • Understanding of Logs:
    Strong understanding of logs and log formats, including how logs flow through various systems. Ability to filter, transform, and normalize data to enrich it for use in cybersecurity alerts and reports.

  • Incident Response

    Experience:

    Experience in incident response is highly preferred. This includes the ability to quickly identify, analyze, and respond to security incidents.

  • System Administration

    Experience:

    Experience as a system administrator is highly preferred. This includes a deep understanding of operating systems, network configurations, and security controls.

  • Git Lab:
    Proficiency with Git Lab for version control and CI/CD pipeline management. Ability to automate and streamline detection engineering processes using Git Lab.

  • Python:
    Strong programming skills in Python for scripting and automation tasks. Ability to develop custom scripts to enhance detection capabilities and integrate various security tools.

  • Detection Engineering:
    Ability…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search