Job Description
WE ARE HIRING!
Senior Detection Engineer (Remote – US)
We are hiring a Senior Detection Engineer to design, build, and scale advanced detection capabilities across XDR, SIEM, cloud, endpoint, and identity environments.
Key responsibilities include:
- Designing layered detection frameworks using multi-source correlation (endpoint, network, cloud, identity)
- Building behavioral detections aligned with MITRE ATT&CK and related frameworks
- Developing detection-as-code pipelines with version control, CI/CD, and automated testing
- Writing and optimizing detection rules using KQL, SPL, Sigma, or native SIEM languages
- Reducing false positives through continuous tuning and alert quality improvements
- Performing gap analysis to identify missing coverage against evolving attacker TTPs
- Collaborating with SOC, IR, and platform engineering teams to improve telemetry and detection outcomes
- Tracking detection metrics such as coverage, MTTD, and alert fidelity
What we’re looking for:
- 7+ years in Detection Engineering, Threat Hunting, SOC Engineering, or Incident Response
- Strong experience with SIEM/XDR platforms (Splunk, Sentinel, Elastic, Stellar Cyber, etc.)
- Hands-on experience writing detections from scratch (not just modifying existing rules)
- Strong scripting skills in Python or PowerShell
- Experience working with large-scale security log data and SQL-style queries
- Deep understanding of attacker behaviors, TTPs, malware, and attack paths
- Strong communication skills and ability to work across technical and non-technical teams
Email: recruitment5@mobizz.lk
Contact: +9476 6555209