Job Description

Job Title: Senior Security Developer / Researcher – Detection

Experience: 5+ Years

Employment Type: Full-time


Role Overview

We are seeking a highly skilled Senior Security Developer / Researcher – Detection to design, develop, and scale advanced security detections across cloud and endpoint environments. This role is ideal for a driven detection engineer with strong experience in threat research, behavioral detection development, and continuous tuning of large-scale detection systems.

You will work closely with detection, response, and security services teams to ensure high-quality, actionable detections that help reduce cyber risk.


Key Responsibilities

Detection Engineering & Development

  • Design, develop, and maintain Python- and YAML-based security detections.
  • Build behavioral, anomaly-based, and signature-based detections across cloud and endpoint telemetry.
  • Continuously tune and optimize detections to reduce false positives and improve efficacy.
  • Develop detections for SIEM, EDR, and cloud-native security platforms.
  • Research and model threats across multiple attack surfaces.


Threat Research & Analysis

  • Analyze cloud logs, email telemetry, OAuth activity, and identity-based attacks.
  • Work with OS-specific telemetry including Windows Security/Sysmon logs, Linux, and macOS.
  • Monitor Windows PowerShell activity and suspicious execution patterns.
  • Maintain awareness of the evolving threat landscape, attack techniques, and tooling.
  • Analyze penetration testing tools and real-world attack techniques to inform detection logic.


Collaboration & Quality

  • Collaborate with team members to design novel detections and improve existing coverage.
  • Participate in code reviews, providing constructive feedback to maintain code quality.
  • Debug and enhance existing detection codebases.
  • Create runbooks, reports, and supporting documentation for detection surfaces.
  • Participate in the full software development lifecycle, ensuring secure, testable, and maintainable code.


Required Qualifications

  • 5+ years of professional experience as a Detection Developer, with a strong focus on cloud security.
  • Hands-on experience developing detections using Python and/or YAML (or similar custom detection languages).
  • Strong experience with:
      ◦ SIEM detections
      ◦ EDR detections/signatures
      ◦ Behavioral and anomaly-based detection development
  • Experience working with:
      ◦ Windows Security logs, Sysmon
      ◦ Linux and macOS telemetry
      ◦ Cloud identity and access telemetry
  • Strong understanding of detection tuning and optimization.
  • Experience participating in security-focused software development projects.
