The detection engineer is a member of the Cyber Defense Capabilities team and is responsible for designing, implementing, and continuously validating detection capabilities for CSIRT. This includes building high-fidelity detection logic, regression testing to ensure detections remain effective over time, and executing breach and attack simulations (BAS) to align detection coverage with evolving adversary techniques and threat intelligence.
The detection engineer works closely with incident responders, threat hunters, and threat intelligence analysts to drive continuous improvement and reduce mean time to detect (MTTD).
**Your role:**
+ Develop, test, and maintain detection rules, signatures, and correlation logic in SIEM and related platforms.
+ Conduct regression testing of detection rules to ensure accuracy, resilience, and functionality following system updates or logic changes.
+ Perform breach and attack simulations (BAS) to validate detection use cases, tied directl...