
Senior Detection Engineer

Systemtec, New York, NY, United States


SYSTEMTEC is seeking a Senior Detection Engineer for a hybrid opportunity in Columbia, SC. The candidate will support a statewide security operations program, developing, tuning, and maintaining detection rules across a centralized SIEM/SOAR environment. This role will work closely with SOC teams, threat hunters, and multiple agencies to identify detection gaps, improve coverage, and strengthen overall cybersecurity visibility and response capabilities.

Required Qualifications of the Senior Detection Engineer:

Applicants must be authorized to work for any employer in the U.S. We are unable to provide sponsorship or work with Third-Party agencies.
Bachelor's degree in Information Technology, Cybersecurity, or a related field; 8+ years of equivalent security architecture or engineering experience may substitute for the degree
5+ years of experience developing automation and scripting solutions using Python, PowerShell, Bash, or similar languages
5+ years supporting large-scale enterprise IT environments, infrastructure, or system deployment initiatives
Experience designing, building, and tuning detection rules using Sigma, YARA, or comparable detection languages
Strong understanding and practical application of the MITRE ATT&CK framework for detection engineering use cases
Experience performing detection engineering within SIEM platforms, including rule creation, optimization, and false-positive reduction
Experience working directly with SOC analysts and threat hunting teams to refine detection logic and incident visibility
Ability to document detection logic, workflows, runbooks, and SOAR integration procedures for operational use
Strong knowledge of Windows and Linux system artifacts and enterprise security telemetry
Preferred Skills / Experience of the Senior Detection Engineer:

Certifications such as CISSP, CISA, OSCP, GPEN, or equivalent advanced cybersecurity credentials
Experience with Palo Alto Networks Cortex XSIAM or similar modern detection and response platforms
Vendor-specific detection engineering certifications or advanced SIEM engineering training
Experience working in public sector or highly regulated enterprise environments
Familiarity with statewide or multi-agency security operations environments
Responsibilities of the Senior Detection Engineer:

Review, tune, and optimize existing detection rules within a centralized SIEM environment
Identify detection coverage gaps through analysis of logs, telemetry, and security data sources
Develop new detection logic and use cases to address identified security visibility gaps
Collaborate with SOC analysts and threat hunters to refine alerts and improve detection accuracy
Monitor threat intelligence sources to identify emerging threats and translate them into detection content
Document detection processes, runbooks, and SOAR workflows to support operational consistency
Work Location:

Hybrid in Columbia, SC (preference given to candidates who can work fully onsite rather than hybrid)

Compensation / Benefits:
Full-Time Employment with SYSTEMTEC means a competitive salary + paid OT, PTO, holidays, health, dental, disability, and life coverage, 401K, tuition reimbursement and more.

***Please note: SYSTEMTEC is not set up to employ workers in the states of California, New York, and New Jersey.***