Sr Threat Detection Engineer

Exact compensation may vary based on several factors, including skills, experience, and education.

We are seeking a highly experienced Senior Detection Engineer to lead the development and optimization of advanced threat detection and response capabilities. This role requires deep expertise in CrowdStrike Falcon Endpoint, Next-Gen SIEM, CS Identity Protection (IDP), FUSION, SOAR platforms, and cloud security. The ideal candidate will serve as the subject matter expert (SME) for the entire CrowdStrike ecosystem, including sensor deployment, troubleshooting, automation, and query development.

Required Skills & Experience

• 8+ years of experience in detection engineering, threat hunting, or security operations.
• Deep expertise with CrowdStrike Falcon Endpoint, Next-Gen SIEM, CS IDP, FUSION, and SOAR platforms.
• Strong experience with cloud security (AWS, Azure).
• Proficiency in CrowdStrike Query Language (FQL / CQL) and scripting (Python, PowerShell).
• Proven ability to troubleshoot CrowdStrike sensor issues, agent health, and platform integration.
• Familiarity with MITRE ATT&CK, NIST 800-53, and modern detection frameworks.
• Expertise in CRBL and / or CRBL-like data optimization tools

Nice to Have Skills & Experience

• CrowdStrike certifications (e.g., CCFA, CCFH)
• Experience with threat intelligence platforms and adversary emulation.
• Familiarity with CI / CD pipelines, detection-as-code, and infrastructure-as-code practices.

Key Responsibilities

• Develop and maintain high-fidelity detection rules using CrowdStrike Falcon, Next-Gen SIEM, and FUSION.
• Leverage CS IDP to detect identity-based threats and lateral movement.
• Write and optimize queries using CrowdStrike Query Language (FQL / CQL) for threat hunting and detection validation.
• Build and tune detections for cloud environments (AWS, Azure, GCP) and integrate with cloud-native logging tools.
• Function as the primary SME for CrowdStrike, including Falcon, IDP, FUSION, and related modules.
• Troubleshoot and resolve sensor deployment issues, agent health problems, and telemetry gaps.
• Serve as the escalation point for CrowdStrike-related errors, automation failures, and detection tuning.
• Design and implement automated response playbooks using SOAR platforms to reduce dwell time and automate / streamline triage.
• Conduct threat modeling for enterprise systems, cloud platforms, and business-critical applications.