Senior Detection Engineer

October 3

🤠 Texas – Remote

Although this job is listed in Texas, this company may be open to hiring remote in other states.

⏰ Full Time

🟠 Senior

👷🏻‍♀️ Engineer

Apply Now

Receive Emails with Similar Jobs

Binary Defense

WebsiteLinkedInAll Job Openings

Security • Cybersecurity • SaaS

Binary Defense is a cybersecurity firm that provides a range of security services designed to protect businesses from digital threats. The company operates as an extension of client teams, offering managed detection and response, co-managed SIEM, threat hunting, and digital risk protection services around the clock. With a focus on increasing security visibility and reducing complexity, Binary Defense uses a combination of human expertise and technology to offer comprehensive threat detection and response. Their services also include phishing response and incident response, all delivered through a 24/7 security operations center. By integrating advanced threat intelligence and tactical remediation strategies, Binary Defense aims to stay ahead of emerging cyber threats, ensuring the safety of client digital assets.

51 - 200 employees

Founded 2014

🔐 Security

🔒 Cybersecurity

☁️ SaaS

💰 Private Equity Round on 2022-11

📋 Description

• Lead threat-informed detection efforts by staying current with emerging adversary techniques, malware, and campaigns; ensure the detection backlog reflects the most relevant threats. • Guide the Detection Engineering team on prioritization, coverage, and detection choke points that deliver the most meaningful risk reduction for clients. • Design, implement, and validate detections across SIEM (Splunk, Sentinel, Chronicle) and EDR platforms (CrowdStrike, Cortex XDR, SentinelOne, Defender for Endpoint) using a detection-as-code approach. • Assist with development of detection-as-code solutions using Python and REST APIs, enabling CI/CD pipelines for rule deployment, testing, and telemetry inspection. • Collaborate with Threat Intel, IR, and SOC teams to transform intelligence into high-fidelity detection logic. • Contribute to threat modeling and coverage mapping to identify gaps and reduce detection blind spots. • Participate in adversary emulation and validation efforts (e.g., Atomic Red Team, custom tooling). • Mentor junior engineers to better understand attack chains and how adversaries operate. • Support threat research by building capabilities to extract threat intelligence insights from detection engineering efforts.

🎯 Requirements

• 2–5+ years of hands-on experience in detection engineering, threat hunting, or incident response • Strong proficiency with Python and REST APIs for interacting with EDR/SIEM platforms and automating detection workflows • Demonstrated experience writing, tuning, and validating detection logic in at least one of: Sigma, YARA-L, Splunk SPL, KQL, XQL • Experience with telemetry sources including Windows security logs, Sysmon, firewall/proxy logs, and cloud platform audit logs. • Familiarity with MITRE ATT&CK and how to map detections to adversary techniques and detection choke points • Ability to quickly learn new security technologies and adapt detection strategies accordingly • Comfortable working in a fast-paced environment where threat-driven detection and rapid iteration are the norm.

🏖️ Benefits

• Competitive medical, dental and vision coverage for employees and dependents • 401k match which vests every payroll • Flexible and remote friendly work environment • Training opportunities to expand your skill set