Talent.com
This job offer is not available in your country.
Senior Detection Engineer - MITRE ATT&CK framework - XDR - EDR - AI - Cyber Security Startup - Remote - CTC INR 50 L

Senior Detection Engineer - MITRE ATT&CK framework - XDR - EDR - AI - Cyber Security Startup - Remote - CTC INR 50 L

CareerXperts Consultingdombivli, maharashtra, in
8 hours ago
Job type
  • Remote
Job description

We’re seeking a Senior Detection Engineer to lead the next evolution of AI-augmented threat detection.

This role goes beyond traditional detection engineering : you’ll help improve and build our Detection Engineering Agent , responsible for continuously grading and improving detection coverage based on a customer’s available telemetry, configuration, and behavioral baselines.

You’ll work across multi-cloud , hybrid , and data-lake environments to design modular detections that don’t depend on centralized data storage, but instead leverage federated queries, metadata scoring, and AI-based prioritization.

The ideal candidate combines deep hands-on SIEM expertise with a product mindset : able to design scalable detection pipelines, integrate AI feedback, and quantify detection efficacy at enterprise scale.

Key Responsibilities

  • Design and maintain modular, high-fidelity detections using Sigma, KQL, SPL, Lucene, and other rule / query languages for Sentinel, Splunk, Chronicle, Elastic, and data-lake environments (Snowflake, BigQuery, Databricks).
  • Build and evolve Detection Engineering Agent , enabling real-time tracking, grading, and ranking of a customer’s environment based on data coverage, signal quality, and rule performance.
  • Develop detections that operate without centralized storage , leveraging federated queries, streaming analytics, and metadata summarization instead of raw data ingestion.
  • Quantify coverage gaps across identity, endpoint, cloud, network, and SaaS telemetry; collaborate cross-functionally to enhance observability and threat visibility.
  • Integrate AI and ML models for automated rule tuning, false positive reduction, and behavioral correlation.
  • Implement feedback-driven rule lifecycle management , including performance tracking (TP / FP / FN), version control, and graceful rule deprecation or promotion.
  • Collaborate with SOC, data science, and platform teams to continuously improve detection quality and automate enrichment or response actions via SOAR platforms.

Manage detection-as-code pipelines , ensuring CI / CD integration, modular content reuse, and full traceability of changes.

Required Skills

  • 5+ years of experience in detection engineering, threat hunting, and SOC operations .
  • Expertise in at least two major SIEMs (Sentinel, Google SecOps / Chronicle, Splunk) and data-lake query environments (Snowflake / Databricks).
  • Strong command of Sigma, KQL, SPL, or Lucene , with the ability to abstract detection logic into environment-agnostic templates.
  • Experience with federated detection queries and data modeling for environments without long-term log storage.
  • Familiarity with AI / ML-driven prioritization for detection scoring, clustering, or environment-based tuning.
  • Ability to handle diverse telemetry : cloud (AWS / Azure / GCP), IAM, EDR, firewall, Windows event logs, network, and SaaS platforms.
  • Experience in GitOps / detection-as-code workflows with version control, testing, and deployment pipelines.
  • Excellent communication and documentation skills with a focus on translating technical detections into product-ready content.

    • Nice to Have

  • Experience building or contributing to detection optimization or coverage grading frameworks .
  • Scripting in Python or PowerShell for automation, enrichment, and testing.
  • Familiarity with SOAR integration , purple teaming frameworks , and automated response orchestration .
  • Background in AI / ML model feedback integration for detection scoring or prioritization.

    • Connect to me at rajeshwari.vh@careerxperts.com for more details.

    Create a job alert for this search

    Engineer Framework • dombivli, maharashtra, in

    Related jobs
    • Promoted
    Cyber Security Engineer

    Cyber Security Engineer

    Paramount Computer SystemsThane, IN
    Identity Governance and Administration (IGA).The role involves designing, implementing, and supporting enterprise-grade IGA solutions to ensure secure, efficient, and compliant identity lifecycle m...Show moreLast updated: 11 days ago
    • Promoted
    Information Security Analyst- Urgent-Thane

    Information Security Analyst- Urgent-Thane

    Aditya Birla GroupThane, Maharashtra, India
    Job Description – Information Security Analyst (Defensive Security).Thane, Maharashtra, India (On-site).Job Description – Senior Information Security Analyst (SOC Function).Senior Information Secur...Show moreLast updated: 23 days ago
    • Promoted
    ITC Infotech - L3 Vulnerability Management / Risk & Compliance Lead

    ITC Infotech - L3 Vulnerability Management / Risk & Compliance Lead

    ITC Infotech India LtdMumbai, India
    Job Summary : ITCI Cyber Security team is looking for the role which is accountable for leading the organizations end-to-end vulnerability lifecycle and align...Show moreLast updated: 30+ days ago
    • Promoted
    L3 Server Engineer – Major Incident Management

    L3 Server Engineer – Major Incident Management

    Nextbridge IT SolutionsKalyan-Dombivli, IN
    Nextbridge IT Solutions is a US-based IT solution firm specializing in connecting exceptional talent with organizations driving transformation in infrastructure, cloud, and emerging technologies.We...Show moreLast updated: 23 days ago
    • Promoted
    • New!
    Cyber Security Architect

    Cyber Security Architect

    Tata Consultancy Servicesmumbai city, maharashtra, in
    In depth knowledge of IAM for AWS.Architect and automate the management of AWS Cloud IAM services.Support the Identity and Access Management team within the Technology Risk & Information Security O...Show moreLast updated: 16 hours ago
    • Promoted
    Intelligence Node - System Administrator

    Intelligence Node - System Administrator

    Intelligence NodeMumbai
    We are looking for an experienced Senior System Admin Engineer with proven expertise in cloud infrastructure architecture, system administration, and application deployment.The ideal candidate will...Show moreLast updated: 30+ days ago
    • Promoted
    Enterprise Identity Governance Specialist

    Enterprise Identity Governance Specialist

    beBeeIdentityMumbai, Maharashtra, India
    Our team is seeking a seasoned Cyber Security Engineer to lead the implementation and configuration of enterprise-grade Identity Governance and Administration (IGA) solutions using Saviynt.We are l...Show moreLast updated: 1 day ago
    • Promoted
    VIBS Infosol - Technical Lead - Security

    VIBS Infosol - Technical Lead - Security

    VIBS INFOSOL PRIVATE LIMITEDMumbai
    Experience : 8 - 12 years.Industry : Cybersecurity Services / MSSP / Consulting.Job Overview : We are hiring a Technical Lead - Security Tools to...Show moreLast updated: 30+ days ago
    • Promoted
    Security Researcher

    Security Researcher

    Altered SecurityKalyan-Dombivli, IN
    Altered Security is an information security startup with focus on edtech, hands-on learning and focused security assessments. It has offices in India and Singapore.We are experts in information secu...Show moreLast updated: 30+ days ago
    • Promoted
    Lead Software Developer – Defence Systems

    Lead Software Developer – Defence Systems

    Paras Anti-Drone Technologies Pvt LtdNavi Mumbai, Maharashtra, India
    Job Title : Lead Software Developer – Defence Systems.Experience Level : Senior (5+ years).We are seeking a highly skilled and visionary Lead Software Developer to architect and drive the development...Show moreLast updated: 13 days ago
    • Promoted
    Enterprise Identity Governance Specialist

    Enterprise Identity Governance Specialist

    beBeeSailpointMumbai, Maharashtra, India
    Identity Governance Consultant.We are seeking a highly skilled Identity Governance specialist with deep expertise in SailPoint IdentityIQ to join our team. As a Subject Matter Expert, you will lead ...Show moreLast updated: 1 day ago
    • Promoted
    Saviynt IGA Engineer / Developer - Identity Governance & Administration (IGA)

    Saviynt IGA Engineer / Developer - Identity Governance & Administration (IGA)

    SentinelThane, IN
    Saviynt IGA Engineer / Developer - Identity Governance & Administration (IGA).The security function of a world renowned manufacturing organisation for power tools is seeking a Saviynt IGA Engineer ...Show moreLast updated: 15 days ago
    • Promoted
    Immediate Hiring for Cyber-D&R-SOAR / XSOAR / Palo Alto-2-4 yrs-Mumbai

    Immediate Hiring for Cyber-D&R-SOAR / XSOAR / Palo Alto-2-4 yrs-Mumbai

    DeloitteMumbai, Maharashtra, India
    India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organizations ...Show moreLast updated: 20 days ago
    • Promoted
    AI Security Specialist

    AI Security Specialist

    beBeeRedTeamingThane, Maharashtra, India
    As a seasoned expert in AI security, we are seeking highly analytical and detail-oriented professionals with hands-on experience in Red Teaming, Prompt Evaluation, and Quality Assurance.Conduct rig...Show moreLast updated: 1 day ago
    • Promoted
    GRC Auditor-For a Well Known Cyber Security Co. inIndia

    GRC Auditor-For a Well Known Cyber Security Co. inIndia

    Sperton Global ASNavi Mumbai, Maharashtra, India
    Assist in conducting audit engagements to ensure compliance with standards&.Support the planning, execution &reporting of audits under Sr. Gather& analyze evidence to evaluate client compliance.Basi...Show moreLast updated: 30+ days ago
    • Promoted
    Hiring for-T&T-Cyber-D&R-SOC Operations-3-6 years of experience-Mumbai

    Hiring for-T&T-Cyber-D&R-SOC Operations-3-6 years of experience-Mumbai

    DeloitteMumbai, Maharashtra, India
    India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations ...Show moreLast updated: 20 days ago
    • Promoted
    (Immediate Joiners Only)Identity and Access Management (IAM) Engineer – India (U.S. Hours)

    (Immediate Joiners Only)Identity and Access Management (IAM) Engineer – India (U.S. Hours)

    Triune Infomatics Incnavi mumbai, maharashtra, in
    Job Title : Identity and Access Management (IAM) Engineer – India (U.Business Hours Reporting To : IAM Manager - U.We are seeking a highly skilled Identity and Access Management (IAM) Engineer to joi...Show moreLast updated: 23 days ago
    • Promoted
    Intelligence Node - Software Developer - C++

    Intelligence Node - Software Developer - C++

    Intelligence NodeMumbai
    Key Responsibilities : - Design, develop, and maintain applications using C++ by writing efficient, reliable, and high-performance code that meets...Show moreLast updated: 30+ days ago
    • Promoted
    GRC Auditor-For a Well Known Cyber Security Co. in India

    GRC Auditor-For a Well Known Cyber Security Co. in India

    Sperton Global ASNavi Mumbai, Maharashtra, India
    Assist in conducting audit engagements to ensure compliance with standards&.Support the planning, execution &reporting of audits under Sr. Gather& analyze evidence to evaluate client compliance.Basi...Show moreLast updated: 30+ days ago
    • Promoted
    Softpath Technologies - Cyber Security Audit / VAPT / Compliance Specialist

    Softpath Technologies - Cyber Security Audit / VAPT / Compliance Specialist

    Softpath Technologies LLCMumbai
    Job Title : Cybersecurity Audit / VAPT / Compliance Specialist Location : Mumbai Experience : 3 to 7 Yea...Show moreLast updated: 12 days ago