Detection Engineer

Job Description

Job Description

Detection Engineer

Charleston, SC - Full Time

Minimum Secret Clearance with ability to obtain TS / SCI required

Position Description :

The Detection Engineer is responsible for designing, developing, and implementing detection mechanisms to identify cyber threats within a Cybersecurity Service Provider (CSSP) environment. The role focuses on creating and managing IDS / IPS signatures, log correlation rules, and other detection tools based on indicator lifecycle analysis. The Detection Engineer collaborates with Defensive Cyber Operations (DCO) Watch Analysts and other teams to ensure timely and effective threat detection, adhering to CJCSM 6510.01B reporting requirements and supporting the CSSP’s mission to protect data across a wide spectrum of sources and locations.

Position Requirements and Duties :

• Design, develop, and implement custom SIEM signatures and NIDS / HIDS rules based on indicator lifecycle analysis to detect cyber threats
• Develop and prioritize risk-based alerting mechanisms to focus detection efforts on high-impact threats, aligning with organizational risk assessments
• Analyze threat intelligence to create and refine detection mechanisms tailored to the customer’s environment
• Validate and test detection rules to ensure accuracy, minimize false positive and benign positive matches, and enhance threat identification capabilities
• Collaborate with DCO Watch Analysts to integrate detection mechanisms into monitoring and incident response workflows
• Maintain and update detection tools and signatures in response to evolving threats, ensuring compliance with CJCSM 6510.01B and other applicable directives
• Compile and maintain internal standard operating procedure (SOP) documentation for detection creation and implementation processes
• Perform log analysis of Splunk and Elastic to support detection development and validation
• Coordinate with reporting agencies and subscriber sites to align detection strategies with operational needs and threat intelligence
• Participate in program reviews, product evaluations, and onsite certification evaluations to assess detection tool efficacy
• Overtime may be required to support detection implementation or incident response actions (Surge)
• Up to 10% travel may be required

Minimum Qualifications :

Desired Qualifications :

Required Certifications :

Company Overview

Adapt Forward is a cybersecurity solutions provider for some of the nation’s most valuable information systems. Leveraging advanced threat assessment technology and experience in building high-level information security infrastructure, we develop adaptive solutions uniquely tailored to our customers’ business objectives to protect sensitive data against sophisticated threats in an increasingly complex security environment.

Summary of Benefits

Equal opportunity employer as to all protected groups, including protected veterans and individuals with disabilities.

Adapt Forward’s Veteran / Disability Affirmative Action Plan narrative section is available for inspection upon request during normal business hours at the Human Resources office and may be requested by contacting Human Resources at HR@adaptforward.com.

Powered by JazzHR

pSoAaTMzr7