🛠 Tech Stack

💼 About This Role

You'll design and develop high-fidelity detection content and build data pipelines for security operations at a defense autonomy company. You'll own the full detection lifecycle from gap analysis through production tuning. This role is weighted heavily toward detection engineering, with an emphasis on adversary behavior and telemetry coverage.

🎯 What You'll Do

• Design and tune detection rules across endpoint, cloud, network, and identity telemetry
• Develop detection-as-code with version-controlled logic and CI/CD deployment
• Build data pipelines for security telemetry ingestion, normalization, and enrichment
• Create automated response playbooks in SOAR platforms

📋 Requirements

• 3+ years in detection engineering, security operations, or security automation
• Experience designing detection rules across production security telemetry sources
• Hands-on experience with SIEM query languages like SPL or KQL
• Proficiency in Python for security automation and pipeline development

✨ Nice to Have

• Experience in defense, aerospace, or high-assurance environments
• Cloud-native detection in AWS and Azure
• Familiarity with MITRE ATT&CK and incident response