Security Threat Detection Engineer Consultant

Cloud Security Services

United States

Remote

USD 75,000 - 110,000

Full time

4 days ago
Job summary

Cloud Security Services is seeking a Security Threat Detection Engineer Consultant for a remote opportunity. This role involves developing and improving threat detection and alerting infrastructure, and requires expertise in security operations, with responsibilities focusing on enabling effective responses to security incidents.

Qualifications

  • 1-3 years in detection engineering supporting security operations.
  • Proficiency with SIEM/SOAR solutions like Splunk.
  • Bachelor's degree or equivalent experience required.

Responsibilities

  • Develop and tune high-quality detections for security threats.
  • Document alerting and detection strategies for analysts.
  • Collaborate with Threat Intelligence team to improve detection.

Skills

Application Security
Cloud Security
Digital Forensics
Malware Analysis
Threat Hunting
Incident Response
Analytical Skills
Excellent Communication

Education

Bachelor's degree
Cybersecurity certifications (CISSP or CISM)

Tools

Splunk
SQL
CI/CD environments
AWS

Job description

Security Threat Detection Engineer Consultant

About the Opportunity:
Cloud Security Services, a New Era Company, is seeking a Security Threat Detection Engineer Consultant to support a client's Threat Management objectives by building, maintaining, and improving threat detection and alerting infrastructure. The role ensures that the right data collection and detections are in place to discover threats against infrastructure, data, employees, and customers. This is a 6-month remote opportunity.

Responsibilities:

  1. Ideate, design, develop, test, monitor, and tune high-quality detections to enable security analysts to respond effectively to security threats.
  2. Write comprehensive and well-documented alerting and detection strategies, providing necessary context and runbooks for security analysts and incident responders.
  3. Build, maintain, and improve custom detection and alerting solutions, or optimize existing commercial tools to ensure adequate detection coverage.
  4. Act as a subject matter expert for security-relevant logs and data to assist the Incident Response team during high-priority investigations.
  5. Collaborate with the Threat Intelligence team to enhance detection effectiveness and security posture.

Required Skills:

  • 1-3 years of hands-on experience with full-lifecycle detection engineering supporting a security operations team.
  • Experience as a Security Operations Analyst or Incident Responder.
  • Proficiency with Splunk or other common SIEM and SOAR solutions.
  • Technical expertise in areas such as application security, cloud security, digital forensics, malware analysis, threat hunting, or incident response.
  • Familiarity with SQL, relational databases, and data warehousing.
  • Basic scripting skills (e.g., Python) for automation within case management and CI/CD environments.
  • Knowledge of metrics to evaluate detection program effectiveness, such as MITRE ATT&CK coverage.
  • Understanding of threat actor techniques, vulnerabilities, exploits, and their log and artifact signatures.
  • Excellent communication, collaboration, and documentation skills.
  • Ability to work independently and across time zones.
  • Strong analytical and organizational skills, with a focus on business outcomes.

Preferred Skills:

  • Relevant industry certifications.
  • Experience with Sigma rule detections.
  • Background in software engineering, DevOps, or data science.
  • Hands-on experience with AWS cloud environment.
  • Splunk engineering/administration experience.
  • Knowledge of compliance frameworks such as PCI-DSS and FedRAMP.

Required Education:

  • Bachelor's degree or equivalent experience.
  • Cybersecurity certifications such as CISSP or CISM.

EEO Statement:
Cloud Security Services is an equal opportunity employer. All qualified applicants will be considered regardless of race, color, religion, gender, gender identity or expression, sexual orientation, marital status, national origin, genetics, disability, age, or veteran status.
