Detection Engineer
Come join Deepwatch's team of world-class cybersecurity professionals and the brightest minds in the industry. If you're ready to challenge yourself with work that matters, then this is the place for you. We're redefining cybersecurity as one of the fastest growing companies in the U.S. – and we have a blast doing it!

Who We Are

Deepwatch is the leader in managed security services, protecting organizations from ever-increasing cyber threats 24/7/365. Powered by Deepwatch's cloud-based security operations platform, Deepwatch provides the industry's fastest, most comprehensive detection and automated response to cyber threats together with tailored guidance from dedicated experts to mitigate risk and measurably improve security posture. Hundreds of organizations, from Fortune 100 to mid-sized enterprises, trust Deepwatch to protect their business.

Recognition

- 2025 Great Place to Work Certified
- 2024 Military Times Best for Vets Employers
- 2024 US Department of Labor Hire Vets Gold Award
- 2024 Forbes' America's Best Startup Employers
- 2024 Cyber Defense Magazine, Global Infosec Awards
- 2023 Fortress Cybersecurity Award
- 2023 $180M Series C investment from Springcoast Capital Partners, Splunk Ventures, and Vista Credit Partners of Vista Equity Partners
- 2022 Cybersecurity Excellence Award for MDR

Detection Engineer

Reports to: Senior Manager Threat Detection & Research

Hybrid Tampa, FL or Remote

While proximity to Tampa is preferred to support a hybrid schedule in our Tampa Center of Excellence, we're open to remote candidates who can support the Eastern Time Zone.

Responsibilities

- Develop and document new Detection Capabilities for customer environments
- Work with customers to develop a comprehensive strategy for effective detections
- Leverage industry frameworks, such as MITRE ATT&CK Framework, for customer-facing alert improvement roadmap
- Apply knowledge of common detection tools (Azure logging, command line logging, etc.) to advise customers on logging capabilities to expand applicable detection library
- Confidently prioritize log sources for ingestion and enablement
- Evaluate current monitoring and detection capabilities to identify areas for improvement
- Conduct Detection Gap Analyses
- Manage detection capabilities to ensure appropriate coverage, effective operation, and adherence to Deepwatch standards
  - Detection Enablement
  - Detection Effectiveness (Tuning, Validation, etc.)
  - Detection Creation
- Onboard assigned customers, establishing baseline detection coverage and detection enablement plan post onboarding
- Ensure ingested log sources conform to CIM standards

Qualifications

- Experience working for a Managed Security Service Provider (MSSP) or similar cybersecurity organization
- Experience working and querying SIEM tools or other log-based data, preferably Splunk
- Experience in engineering event detection & response tuning
- Ability to engineer creative, scalable, and out-of-the-box solutions
- Up-to-date with engineering best practices, security technology trends, tools, and frameworks
- Experience in developing detections for attacker tactics, techniques, and procedures (TTPs)
- Able to both investigate and create security rules in at least 1 SIEM
- Understanding of general enterprise network architecture and security incident response
- Understanding of common enterprise technologies and logging capabilities including Cloud, IDS/IPS, Firewalls, Active Directory, Anti-Virus/EDR, Proxies, and Email Gateway
- Understanding of various attack frameworks such as MITRE ATT&CK and general adversarial / defensive security techniques (e.g. the Cyber Kill Chain, and NIST)
- Ability to communicate and document technical information effectively towards various audiences

Statutory Pay Disclosure

The anticipated salary range for this role is $94,500 - $118,700 plus stock options and benefits. Actual compensation may vary from posted hiring range based on geographic location, work experience, education, and/or skill level.

ITAR Compliance

- A citizen of the U.S.;
- A lawful permanent resident of the United States;
- A person admitted to the United States as a refugee; or
- A person that has been granted asylum by the United States government.

The intent of this requirement is not to verify employment eligibility overall, but to ensure compliance with import/export regulations. If you do not meet these requirements, we encourage you to apply for other open roles at Deepwatch. This information will be verified upon offer of employment.

What We Offer

- Medical, dental, vision, and disability insurance
- Flexible Time Off, 12 company holidays, sick leave and 8-weeks Paid Parental Leave
- Unique professional development benefits with annual development dollars to support our people growth and development
- Wellness contests and monthly educational programs
- 401(K) retirement program

Learn more at Deepwatch Benefits

We understand the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates, so please don't hesitate to apply — we'd love to hear from you. Please review our DEI Statement.

Deepwatch welcomes and encourages applications from people with disabilities and accommodations are available on request for candidates taking part in all aspects of the selection process. Please inform your recruiter or contact recruiting@deepwatch.com for further information.

All Deepwatch employees are expected to be interested in and able to work remotely from a home office when not at a corporate office and pass a pre-employment background check in accordance with applicable laws.

Equal Opportunity Employer

Deepwatch is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, marital status, sexual orientation, gender identity, genetic information, protected veteran status, or any other characteristic protected by law. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.

Privacy Notice

By submitting your application, you agree that Deepwatch may collect your personal data for recruiting, global organization planning, and related purposes. The Deepwatch Privacy Policy explains what personal information we may process, where we may process your personal information, our purposes for processing your personal information, and the rights you can exercise over Deepwatch's use of your personal information.