[Hiring] Detection Engineer REMOTE USA

Position: Detection Engineer

Date posted: 2025-06-09

Industry: other

Employment type: Full Time

Experience: 2 to 5 years

Qualification: Bachelor’s Degree holder

Location: Houston, TX, United States, REMOTE

Company: Binary Defense

Description:

Hiring Detection Engineer – REMOTE

Houston, TX

About the job

Job Type

Full-time

Description

Binary Defense is seeking an experienced and motivated Detection Engineer to join our growing Detection Engineering team.

You’ll be a hands-on contributor, responsible for building, deploying, and maintaining high-quality detections across a variety of platforms, including SIEMs, EDRs, and cloud environments. Our team operates detection engineering as code, and we are looking for someone who thrives in a modern, automation-driven environment.

You should have a strong grasp of threat modeling, detection choke points, and the ability to abstract away UI dependencies using Python and REST APIs. This is an opportunity to contribute to a mature detection pipeline focused on coverage, efficacy, and scalability.

Responsibilities

  • Design and implement detections using a detection-as-code approach across SIEM (e.g., Splunk, Sentinel, Chronicle) and EDR platforms (e.g., CrowdStrike, Cortex XDR, SentinelOne).
  • Develop and operationalize detection logic in YAML/Sigma/YARA-L, including documentation, tuning, testing, and version control.
  • Leverage APIs to automate rule deployment, validation, and telemetry inspection—reducing reliance on GUIs.
  • Collaborate with Threat Intel, Incident Response, and Cloud Security teams to create threat-informed detections based on real-world attack behaviors.
  • Contribute to threat modeling efforts to identify high-value detection opportunities and coverage gaps.
  • Analyze telemetry sources (e.g., Windows Event Logs, Sysmon, cloud logs, network traffic) to identify detection use cases and ensure telemetry readiness.
  • Participate in adversary simulation and detection validation efforts using tools such as Atomic Red Team, Caldera, or custom scripting.
  • Support documentation of detection logic, coverage rationale, and response guidance.
  • Actively contribute to continuous improvement of detection engineering workflows, tooling, and standards.

Requirements

  • 2–5+ years of hands-on experience in detection engineering, threat hunting, or incident response.
  • Strong proficiency with Python and REST APIs for interacting with EDR/SIEM platforms and automating detection workflows.
  • Demonstrated experience writing, tuning, and validating detection logic in at least one of: Sigma, YARA-L, Splunk SPL, KQL, XQL.
  • Experience with telemetry sources including Windows security logs, Sysmon, firewall/proxy logs, and cloud platform audit logs.
  • Familiarity with MITRE ATT&CK and how to map detections to adversary techniques and detection choke points.
  • Ability to quickly learn new security technologies and adapt detection strategies accordingly.
  • Comfortable working in a fast-paced environment where threat-driven detection and rapid iteration are the norm.

Preferred Qualifications

  • Experience with Cortex XDR and/or XSIAM (XQL-based detection and REST API interaction is a major plus).
  • Experience contributing to a detection-as-code pipeline (e.g., Git-based workflows, rule validation, CI/CD).
  • Exposure to multi-tenant or MDR environments and scaling detections across customer environments.
  • Familiarity with Sigma to YARA-L translation, or with detection rule normalization and enrichment workflows.
  • Experience in IR consulting and working across diverse EDR/SIEM stacks.

Why Join Us?

  • Work directly with world-class detection engineers in a GitOps-driven, threat-informed detection program.
  • Build detections that matter—designed to identify and disrupt adversaries, not just generate noise.
  • Contribute to a rapidly growing detection engineering practice that prioritizes automation, clarity, and operational efficiency.
  • Stay hands-on with bleeding-edge attack simulation tools, advanced telemetry, and threat research.

About Binary Defense

Binary Defense is a trusted leader in security operations, supporting companies of all sizes to proactively monitor, detect and respond to cyberattacks. The company offers a personalized Open XDR approach to Managed Detection and Response, advanced Threat Hunting, Digital Risk Protection, Phishing Response, and Incident Response services, helping customers mature their security program efficiently and effectively based on their unique risks and business needs.

With a world-class 24/7 SOC, deep domain expertise in cyber, and sophisticated technology, hundreds of companies across every industry have entrusted Binary Defense to protect their business. Binary Defense gives companies actionable insights within minutes not hours, the confidence in their program to be resilient to ever-changing threats, and the time back that matters most to their business.

Binary Defense is also the Trusted Cybersecurity Partner of the Cleveland Browns and partners with PGA TOUR players.

Binary Defense offers competitive medical, dental and vision coverage for employees and dependents, a 401k match which vests every payroll, a flexible and remote friendly work environment, as well as training opportunities to expand your skill set (to name a few!). If you’re interested in joining a growing team with great perks, we encourage you to apply!