Detection Engineer ? SIEM/EDR & Threat Intelligence Integration

Job Description

Company Description ThreatLens is a cutting-edge cybersecurity company specializing in advanced threat intelligence solutions powered by AI and Large Language Models (LLMs). Our platform enhances organizations' cybersecurity efforts by enabling proactive detection and swift responses to sophisticated threats. By integrating LLM-driven insights, we provide robust security operations with full visibility, faster threat remediation, and reduced risks. ThreatLens empowers organizations to manage and secure their cloud and hybrid environments with speed and precision. Role Description The Detection Engineer ? SIEM/EDR & Threat Intelligence Integration is a full-time position remote. This role involves developing, integrating, and optimizing SIEM and Endpoint Detection & Response (EDR) solutions in line with threat intelligence strategies. Daily tasks include configuring detection rules, analyzing security event data, and collaborating with teams to improve threat detection capabilities. The Detection Engineer will also design and implement security solutions, troubleshoot technical issues, and assist in maintaining the security infrastructure for diverse environments. Required Skills Strong expertise with at least one SIEM (Sentinel, Splunk, Elastic) and one EDR/XDR (CrowdStrike, SentinelOne, Defender for Endpoint) . Deep understanding of log pipelines, normalization (CEF, Syslog, JSON) , and incident response workflows . Familiarity with MITRE ATT&CK , Sigma/YARA rules , and IOC correlation methods . Scripting knowledge (Python, PowerShell, or Bash). Experience working with threat feeds (OTX, MISP, Abuse.ch, etc.) and enrichment APIs. Knowledge of automation frameworks (SOAR, playbooks, API-based remediation). Exposure to AI-assisted detection engineering or LLM-based log enrichment . Understanding of multi-tenant architecture and data segregation policies . Qualifications Strong foundation in Computer Science, with expertise in concepts such as algorithms, data structures, and system design Proficiency in Back-End Web Development and Software Development for building secure, scalable solutions Experience with Programming and Object-Oriented Programming (OOP) for creating robust and reliable code Knowledge of cybersecurity principles and experience with threat detection and response Strong problem-solving skills and the ability to work effectively in a collaborative, on-site team environment Relevant certifications such as CISSP, CEH, or GIAC are advantageous Bachelor's degree in Computer Science, Information Security, or a related field If you?re passionate about building detections that help AI think like an analyst, send your resume to [email protected] . #ThreatLens #CyberSecurity #DetectionEngineering #SIEM #EDR #ThreatIntel #SOC #MITREATTACK #Hiring #RemoteJobs