CrawlJobs Logo

Cyber Threat Detection Engineer

rearc.io Logo

Rearc

Location Icon

Location:
United States

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

Rearc is looking for a Cybersecurity Threat Detection Engineer with proactive communication skills, a foundation in DevSecOps, Detection-As-Code, deep purple team technical expertise, and an entrepreneurial approach to join our growing Cybersecurity practice. This role involves partnering with Rearc customers to design cutting-edge detection strategies and support the development of top-tier, modern cybersecurity monitoring programs. You will craft tailored security detections to strengthen our clients' cybersecurity efforts by leveraging Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), Endpoint Detection and Response (EDR), and Network Detection and Response (NDR) services.

Job Responsibility:

  • Utilize NDR, EDR, real-time streaming, and SIEM technologies to develop robust threat detection capabilities
  • Build and optimize detection rules leveraging real-time data streaming to enhance detection accuracy
  • Design enrichment pipelines and automation workflows to enhance the precision of threat detections
  • Develop correlation logic and automated processes to create high-fidelity threat alerts
  • Build compliance and recoverability of customer Data Analytics solutions, including SOPs, data onboarding, normalization, enrichment, and system maintenance
  • Create automation playbooks for incident triage and response
  • Align detection content with customer-specific Use Case Frameworks and provide metrics on cybersecurity threats impacting their environment
  • Collaborate with customer cybersecurity teams to cover gaps and enhance enterprise posture
  • Support enterprise Cybersecurity, Information Technology (IT), and Operational Technology (OT) teams by providing dashboards and other data exploration tools
  • Stay continually aware of emerging cybersecurity threats and trends, adapting detection strategies as needed
  • Work closely with customer teams, including Cybersecurity Operations Center (CSOC), Operational Technology (OT), and Incident Response (IR) teams, to ensure detections are actionable and relevant
  • Provide feedback to improve the customer's security framework and overall security monitoring strategy

Requirements:

  • 6+ years of experience in Cybersecurity with a focus on: Log streaming
  • Cybersecurity data lakes and data warehousing
  • SOAR engineering
  • SIEM engineering, administration, architecture, and operations
  • Data science, statistical analysis, and threat detection development
  • Integrating disparate IT, OT, and business applications into SIEM systems
  • Bachelor's degree in Management Information Systems, Computer Science, or a related field
  • A strong passion for Cybersecurity and a commitment to staying current with industry trends, best practices, and tools
  • Proven experience in documenting, socializing, and operationalizing Cybersecurity technologies and processes
  • Prior programming experience in Python, SQL, and Apache Spark
  • Solid understanding of common attack techniques and their practical applications
  • Demonstrated ability to work effectively across multiple teams, building cross-functional relationships with individuals of varying technical expertise
  • A self-starter with a proven ability to thrive in fast-paced environments
  • Strong technical communication skills, both written and verbal

Nice to have:

Prior experience with platforms like Databricks, Cribl, Tines, or other cybersecurity lakehouse providers

Additional Information:

Job Posted:
January 04, 2026

Work Type:
Remote work
Icon
Rearc - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Cyber Threat Detection Engineer

Senior Threat Detection Engineer

We’re expanding our Threat Detection Engineering team at Atlassian and looking f...
Location
Location
United States , San Francisco
Salary
Salary:
146300.00 - 235000.00 USD / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • Minimum 3 years experience in Detection Engineering roles
  • Experience building advanced data analytics and ML based detection models to identify complex threats
  • Experience building effective detection capabilities to modern cloud environments
  • Experience using common programming languages to build automation
  • Experience identifying threats through proactive threat hunting
  • Experience using security detection technologies and systems, including firewalls, intrusion detection systems, EDR, and authentication systems
  • Experience successfully delivering complex projects
  • Strong analytical skills and the ability to effectively identify and resolve problems
Job Responsibility
Job Responsibility
  • Develop advanced threat detection mechanisms using complex data analytics and machine learning models that can effectively identify and raise alerts for any adversarial or high-risk behaviors within the Atlassian’s systems
  • Continuous improvement and fine-tuning of detection systems to effectively adapt to new and emerging cyber threats
  • Monitor and enhance critical detection systems to ensure their reliability and effectiveness in delivering robust detection capabilities
  • Deploy new detection technologies to continuously uplift and improve our detection capabilities
  • Collaborate with partner teams such as Incident Response and Threat Intelligence is to establish and maintain meaningful security alerts
  • Work closely with these teams to ensure security alerts are relevant, actionable, and aligned with the overall security strategy
  • Collaborate closely with Product Engineering, Data Platform, and Security Engineering teams to advance our detection coverage and tooling in our production cloud environments
  • Automate complex security operational tasks, aiming to streamline and optimize routine security activities
  • Develop tools, systems, and programs to enhance and fortify Atlassian's overall security posture
  • Remain informed about the latest security trends, emerging threats, and evolving technologies to ensure that Atlassian is well-prepared to adapt to new security challenges
What we offer
What we offer
  • health and wellbeing resources
  • paid volunteer days
  • Fulltime
Read More
Arrow Right

Threat Detection Engineer

At Atlassian, we are seeking a skilled Threat Detection Engineer to join our tea...
Location
Location
United States , San Francisco
Salary
Salary:
128300.00 - 206000.00 USD / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • Minimum 3 years experience in Security Operations roles and 1 year experience in Detection Engineering role
  • Experience building threat detection mechanisms in common log analysis platforms (eg. Splunk)
  • Experience using common programming languages to build automation
  • Experience performing threat hunting
  • Experience using security detection technologies and systems, including firewalls, intrusion detection systems, EDR, and authentication systems
  • Experience with cloud technologies including AWS and network protocols
  • Strong analytical skills and the ability to effectively identify and resolve problems
Job Responsibility
Job Responsibility
  • Develop advanced threat detection mechanisms that can effectively identify and raise alerts for any adversarial or high-risk behaviors within the company's systems
  • Continuous improvement and fine-tuning of detection systems to effectively adapt to new and emerging cyber threats
  • Monitor and enhance critical detection systems to ensure their reliability and effectiveness in delivering robust detection capabilities
  • Collaborate with partner teams such as Incident Response and Threat Intelligence to establish and maintain meaningful security alerts
  • Perform threat hunting activities to proactively identify and mitigate new and emerging threats within Atlassian's systems
  • Automate common security operational tasks, aiming to streamline and optimize routine security activities
  • Develop tools, systems, and programs to enhance and fortify Atlassian's overall security posture
  • Remain informed about the latest security trends, emerging threats, and evolving technologies to ensure that Atlassian is well-prepared to adapt to new security challenges
What we offer
What we offer
  • health coverage
  • paid volunteer days
  • wellness resources
  • Fulltime
Read More
Arrow Right

Senior Detection Engineer

This is a detection engineering role that leverages knowledge of monitoring, ana...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.marriott.com Logo
Marriott Bonvoy
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification
  • 3+ years of collective experience in Splunk SIEM (Splunk Enterprise Security) threat detection use case development or UEBA (Exabeam) use case development for insider threat use case development
  • 5+ years of experience in security functions such as SOC, CIRT, security engineering, risk management, vulnerability management or technical infrastructure operations, administration, or systems engineering
  • scripting or programming language, including Python
  • Current information security certification such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) preferred
  • offensive and defensive security certifications such as CEH, IGAC Cyber Defense, OSCP or other related certifications preferred
  • Splunk Certification, including Splunk Enterprise Security Certified Admin preferred
  • use case development experience on the Exabeam platform preferred
  • working knowledge of the NIST Cyber Security Framework and ISO/IEC 27001:2022 preferred
  • working knowledge of the MITRE ATT&CK Framework preferred
Job Responsibility
Job Responsibility
  • Lead collaboration sessions within the cyber security tower and other business units to devise security monitoring use cases
  • engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications and share that knowledge with peers as appropriate
  • document prospective security monitoring use cases with MITRE ATT&ACK mappings using standard templates and methodologies
  • inform and consult other cyber ops teams of required data onboarding and integrations for use case development
  • develop analytics, correlation searches, dashboards, reports and alerts within the SIEM and UEBA platforms
  • solicit feedback for pre-production security monitoring content through peer review process and user acceptance testing for tuning
  • document developed security monitoring content in a documentation registry using department standard templates and methodologies
  • manage field mapping and transmission of security monitoring alerts to the security incident response platform for SOC analyst consumption as outlined in process documentation
  • provide governance support for the content development function entailing content development standards compliance, change management approvals for SIEM or UEBA content, and lifecycle management of developed security monitoring content
  • service operational requests in queue such as analytics content performance tuning, filtering, search refinement, parsing issues
  • Fulltime
Read More
Arrow Right

Cyber Security Engineer

We are looking for someone dynamic who can quickly adapt to new challenges and f...
Location
Location
Portugal , Lisbon
Salary
Salary:
Not provided
miniclip.com Logo
Miniclip
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 1 year of experience in SOC or similar cybersecurity role with exposure to advanced threat detection and analysis
  • Background in Computer Science, Information Technology, or a related field
  • Proficiency in SIEM platforms (e.g., Sentinel, Splunk, QRadar) and writing custom correlation rules
  • Hands-on experience conducting: Technical Software Security Risk Assessments
  • Vulnerability Assessments in web and/or mobile applications, and Physical and Wireless penetration testing
  • Document and report incidents/assessments/findings
  • Understanding of cybersecurity standards and frameworks (e.g., ISO27001, NIST, NIS2, OWASP)
  • Availability for work outside of regular hours on short notice to handle emergencies
  • A social and hard-working candidate who thrives in a team environment and is passionate about their work
  • Solid understanding of cyber security best practices and frameworks
Job Responsibility
Job Responsibility
  • Incident handling: Identifying, triaging, and investigating potential security incidents
  • Systems Administration: Understanding system internals and implementing effective countermeasures and remediation strategies on different operating systems
  • Computer Forensic Analysis: Possessing a background in utilizing diverse forensic analysis tools during incident response investigations to assess the scope and depth of compromise
  • Vulnerability Assessment: Review and validate vulnerability reports collected by our systems working closely with cross-functional core/development teams to prioritize and facilitate the remediation of identified vulnerabilities in a timely manner
  • Reporting and documentation: Develop and maintain accurate records of all the incidents, vulnerability reports, assessments, remediation efforts, ensuring clear documentation of findings and resolutions
  • Awareness: Promote security awareness within the organization by conducting training sessions, sharing insights on emerging threats, and fostering a culture of security consciousness
  • Threat Hunting: Performing proactive threat hunting across the group
  • Physical Security: Availability to travel through our different studios to identify physical vulnerabilities and propose remediation measures
Read More
Arrow Right

Cyber Security Engineer

Darumatic is an IT Consultancy and Recruitment Services Company that focuses on ...
Location
Location
Australia , Canberra
Salary
Salary:
Not provided
darumatic.com Logo
Darumatic
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Character clearance, including a police check
  • Negative Vetting level 1
  • Political neutrality
  • Australian citizen
  • Experience using Sentinel or a similar SIEM solution is essential
  • In-depth familiarity with the Australian Government Information Security Manual
  • Experience with security technologies such as endpoint protection, firewalls and IDS/IPS
  • Extensive experience in Windows, Linux, networking and system administration
  • Experience with security services in the cloud (Azure or AWS)
Job Responsibility
Job Responsibility
  • Detection and coordination of incident response to threats, both foreign and domestic, against critical electoral systems
  • Augmenting the existing operations team to assist in uplifting the existing capability
  • Maintenance of cyber security monitoring and analysis toolsets
  • Taking a lead role in the build of the cyber security architecture through consultation with client's internal teams to secure this architecture
  • Working primarily in the office
  • Ability to work shifts as required in response to cyber security incident, and also to support electoral events at key periods (e.g. close of rolls, polling day)
Read More
Arrow Right

Cyber Security Engineer

The Cyber Security Engineer is responsible for managing and securing the organiz...
Location
Location
United States , El Monte
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field
  • Minimum of 4 years of experience in cybersecurity, IT administration, or a related role
  • Relevant certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH) preferred
  • Strong knowledge of security technologies, including firewalls, VPNs, IDS/IPS, and antivirus solutions
  • Experience with Office 365 security configurations, including conditional access and MFA
  • Proficiency in Azure security concepts and tools
  • Familiarity with internal and external scanning tools and techniques
  • Knowledge of security frameworks and standards.
Job Responsibility
Job Responsibility
  • Administer and manage security tools and technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection solutions
  • Monitor and analyze security logs and alerts to detect and respond to potential security incidents
  • Implement and manage identity and access management (IAM) systems, including user provisioning and de-provisioning for Office 365 and Azure environments
  • Configure and enforce conditional access policies to ensure secure access to applications and data based on user context and risk levels
  • Implement multi-factor authentication (MFA) to strengthen security for Office 365 and other critical applications
  • Respond to and investigate security incidents, coordinating with IT and other departments to remediate vulnerabilities
  • Maintain incident response plans and participate in post-incident reviews to improve security processes
  • Conduct regular internal and external vulnerability scans to identify security weaknesses and ensure compliance
  • Perform penetration testing and threat assessments to simulate attacks and evaluate the security posture of the organization
  • Develop, implement, and maintain security policies, procedures, and guidelines specific to Office 365, Azure, and other cloud services
What we offer
What we offer
  • Access to top jobs, competitive compensation and benefits, and free online training
  • Medical, vision, dental, and life and disability insurance
  • Eligibility to enroll in 401(k) plan.
  • Fulltime
Read More
Arrow Right

Gaming Principal, Cloud Threat Detection & Incident Response Engineer

We are seeking a Gaming Principal, Cloud Threat Detection & Incident Response En...
Location
Location
United States , Multiple Locations
Salary
Salary:
139900.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
Job Responsibility
Job Responsibility
  • Architect and drive Gaming’s cloud-first detection and response vision by integrating Azure, AWS, and GCP (Google Cloud Platform) native security services and telemetry sources into TDIR (Threat Detection, Investigation, and Response) workflows
  • Lead adoption and optimization of Microsoft Defender for Cloud, Sentinel, Entra ID security, Defender for Cloud Apps, and other cloud-native security controls
  • Establish standards and reference architectures for cloud telemetry ingestion, normalization, enrichment, and threat analytics across diverse studio environments
  • Build and maintain high-fidelity, cloud-native detections targeting threat actors across identity, SaaS, PaaS, IaaS, and Kubernetes environments
  • Develop behavioral detections leveraging KQL (Kusto Query Language), automation, analytics, and ML-assisted methodologies
  • Partner with threat intelligence to map adversary TTPs (Tactics, Techniques, and Procedures) to cloud control surfaces and turn insights into durable detection engineering roadmaps
  • Serve as principal technical authority during major cloud-related incidents, providing expert guidance on identity compromise, lateral movement, key/material theft, resource manipulation, and multi-cloud attack paths
  • Formalize standards for cloud investigations, including telemetry requirements, visibility gaps, and automated triage workflows
  • Drive post-incident cloud hardening by influencing product teams, studio engineering, and platform owners
  • Architect and implement automation for detection deployment, evidence collection, containment, and remediation using Azure Functions, Logic Apps, and modern SOAR patterns
  • Fulltime
Read More
Arrow Right

Principal Security Operations Engineer - Systems Architect

The Cloud & AI organization accelerates Microsoft’s mission and ambitions to ens...
Location
Location
United States , Redmond
Salary
Salary:
139900.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements are required for this role
  • These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
Job Responsibility
  • Own the TCB security architecture: threat model key trust boundaries, define target states, and codify compensating controls
  • Lead risk identification & key results frameworks: quantify breach paths, set objective success criteria, and measure risk residuals
  • Architect isolation patterns (identities, secrets, network paths, compute/storage seams) and drive enforcement with engineering owners
  • Design telemetry baselines and validation loops (coverage, quality, retention) to support operations, and close gaps with productized pipelines
  • Run burndown campaigns: prioritize work, produce decision docs, sequence mitigations, and hold the line on SLAs
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy