Detection Engineer – SIEM / EDR & Threat Intelligence Integration

Company Description

ThreatLens is a cutting-edge cybersecurity company specializing in advanced threat intelligence solutions powered by AI and Large Language Models (LLMs). Our platform enhances organizations' cybersecurity efforts by enabling proactive detection and swift responses to sophisticated threats. By integrating LLM-driven insights, we provide robust security operations with full visibility, faster threat remediation, and reduced risks. ThreatLens empowers organizations to manage and secure their cloud and hybrid environments with speed and precision.

Role Description

The Detection Engineer – SIEM / EDR & Threat Intelligence Integration is a full-time position remote. This role involves developing, integrating, and optimizing SIEM and Endpoint Detection & Response (EDR) solutions in line with threat intelligence strategies. Daily tasks include configuring detection rules, analyzing security event data, and collaborating with teams to improve threat detection capabilities. The Detection Engineer will also design and implement security solutions, troubleshoot technical issues, and assist in maintaining the security infrastructure for diverse environments.

Required Skills

Strong expertise with at least one SIEM (Sentinel, Splunk, Elastic) and one EDR / XDR (CrowdStrike, SentinelOne, Defender for Endpoint) .

Deep understanding of log pipelines, normalization (CEF, Syslog, JSON) , and incident response workflows .

Familiarity with MITRE ATT&CK , Sigma / YARA rules , and IOC correlation methods .

Scripting knowledge (Python, PowerShell, or Bash).

Experience working with threat feeds (OTX, MISP, Abuse.ch, etc.) and enrichment APIs.

Knowledge of automation frameworks (SOAR, playbooks, API-based remediation).

Exposure to AI-assisted detection engineering or LLM-based log enrichment .

Understanding of multi-tenant architecture and data segregation policies .

Qualifications

Strong foundation in Computer Science, with expertise in concepts such as algorithms, data structures, and system design

Proficiency in Back-End Web Development and Software Development for building secure, scalable solutions

Experience with Programming and Object-Oriented Programming (OOP) for creating robust and reliable code

Knowledge of cybersecurity principles and experience with threat detection and response

Strong problem-solving skills and the ability to work effectively in a collaborative, on-site team environment

Relevant certifications such as CISSP, CEH, or GIAC are advantageous

Bachelor's degree in Computer Science, Information Security, or a related field

If you’re passionate about building detections that help AI think like an analyst, send your resume to .

#ThreatLens #CyberSecurity #DetectionEngineering #SIEM #EDR #ThreatIntel #SOC #MITREATTACK #Hiring #RemoteJobs