Advanced Defensive Detection Engineer

Job in Quincy, Norfolk County, Massachusetts, 02171, USA
Listing for: STATE STREET CORPORATION
Full Time position
Listed on 2026-06-03
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Data Security
Salary/Wage Range or Industry Benchmark: 120,000 - 202,500 USD yearly
Job Description & How to Apply Below

Position

Advanced Defensive – Detection Engineer

Overview

We are looking for an Advanced Defensive – Detection Engineer to be part of a small team tasked with securing the firm’s most critical network environments and applications. The engineer will understand how a threat actor might attack or exploit these environments and create, test, enhance, and document detection capabilities to detect adverse events within these systems.

Responsibilities
  • Interpret threat models and conduct research to write and diagram discrete and detectable threat tactics, techniques, and procedures (TTPs).
  • Serve as an expert advisor on detecting TTPs for executives.
  • Write Technique Research Reports or similar documents to assist cybersecurity practitioners in understanding, emulating, and detecting cyber‑attacks.
  • Develop and implement new detection rules for applications, cloud & on‑premises systems.
  • Triage, prioritize, and take appropriate action to address requests for detection rule corrections or enhancements.
  • Test and tune threat detection rules within SIEM, EDR, and other tools.
  • Monitor, maintain, and refresh SIEM look‑up tables and other tables.
  • Implement automated detection rule metrics to identify performance issues and opportunities to increase efficiency, fidelity, or possible retirement.
  • Validate and document detection requirements, search criteria, test cases, and other artifacts through appropriate documentation libraries and development tracking tools.
  • Document and maintain assets, scripts, and processes to test SIEM/EDR rules for reuse.
  • Partner with other Fusion Center teams to align detection strategy with threat models and the MITRE ATT&CK framework.
  • Collaborate with purple team, security, risk, IT, and business professionals to validate and document threat detection goals.
  • Provide guidance in alert creation among various security controls such as EDR, IDS, Cloud, email gateways, etc.
  • Analyze, influence, and recommend improvements.
  • Collaborate with various teams to learn, document, and maintain a library of IT processes, naming conventions, assets, configurations, and other considerations that can be leveraged to improve security capabilities across the organization.
Required Experience
  • Minimum five years performing detection engineering functions, including threat hunting, SOC management, threat research, data science, and data mining.
  • Experience in advanced threat modeling, detection‑as‑code pipelines, MITRE ATT&CK mapping, alert triage, basic rule tuning, custom logic, and threat hunting.
  • Experience in threat simulation, including adversary simulation, custom tooling, Red team collaboration, and scripting emulations.
  • Experience with systems infrastructure, secure architecture design, and cloud‑native controls.
  • Full‑stack scripting, automation frameworks, and advanced scripting in Python, PowerShell, SPL, SQL, KQL, and regex.
  • Network forensics, encrypted traffic analysis, TCP/IP, DNS, HTTP, IDS/IPS, proxy logs, VPN analysis.
  • Analysis including anomaly detection, advanced statistics, and creation of statistical models.
  • Data engineering – parsing, dashboards, API design.
  • Awareness of compliance frameworks: ISO 27001, EU GDPR, PCI‑DSS, EU DORA, SOX, NIST CSF, OCC Part 30, and financial regulatory frameworks.
  • Experience with payment systems, classified systems, or other critical environments.
  • Experience presenting to and advising executives.
Desired Knowledge & Skills
  • Knowledge of cybersecurity threat actors, tactics, techniques, procedures, tradecraft, and notable attacks.
  • Knowledge of cybersecurity principles, defense in depth, and risk management processes.
  • Knowledge of computer network protocols, system design tools, server administration, software engineering principles, enterprise IT architecture, systems engineering, reverse engineering tools, secure software development, deployment & maintenance.
  • Knowledge of agentic AI systems for continuous monitoring.
Education & Additional Qualifications
  • Bachelor’s degree in computer science, information security, engineering, data science, mathematics, or a related field.
  • Postgraduate degree preferred.
  • Experience working with fusion centers, SOCs, vulnerability assessment, threat management,…