Primary Objectives
Assist in creating, tuning, and maintaining detection rules across EDR and MDR platforms
Monitor and validate alerts to reduce false positives
Support senior engineers in developing detection strategies
Key Responsibilities
Build and modify detection rules for EDR tools (SentinelOne, etc.)
Analyze endpoint telemetry and alerts to identify gaps in detection
Assist in triaging alerts and improving detection quality
Work with senior engineers and threat intelligence teams to translate attacker behavior into detection logic
Conduct retrospective testing using historical data
Document detection logic and use cases
Participate in validation exercises using simulated activity
Stay updated on emerging threats and techniques
Support alert tuning and reduce alert fatigue
Contribute to internal documentation
Requirements
Degree in Cybersecurity, Computer Science, or related field (or equivalent experience)
0–2 years of experience in detection engineering, threat hunting, or SOC roles
Experience in an MSSP or enterprise SOC environment is an advantage