Top Secret
Mid Level Career (5+ yrs experience)
$140,000 - $180,000
Occasional travel
IT - Data Science
Remote Detection Engineer Architect
Location: Remote
Job Description:
Serve as a Detection Engineer Architect
This role bridges legacy ARIA detection logic with:
Next-generation analytics environments (Databricks, Spark)
Downstream alerting systems (e.g., Log Insight)
Provide remote advisory services
Discover and analyze the current setup
Understand and manage ARIA Detection Logic
Explain detection methods and workflows
Explain alert logic and how it translates to Log Insight
Assist in translating ARIA log structures and detection logic for use
Understand and review how detection logic works on the new dashboard
Provide Schema Guidance
Give recommendations for schemas, field mappings, detection catalog alignment
Identify and help fill gaps in detection and schema understanding
Analyze the current ARIA detection environment, log structures, and workflows
Review analytic platforms to understand how detection logic is executed and surfaced
Translate detection logic into new platform constructs while preserving intent and fidelity
Validate how detection logic generates alerts and how those alerts map into Log Insight
Provide recommendations for log schemas, field mappings, and normalization strategies
Ensure alignment with detection catalogs and security analytics standards
Identify schema gaps or inconsistencies that impact detection effectiveness
Recommend practical remediation approaches to close identified gaps
Act as a technical translator between security, data engineering, and platform teams
Support documentation and knowledge transfer to internal teams and clients
Qualifications:
8+ years in security analytics, detection engineering, or security architecture
Strong understanding of detection logic design
Rule-based, behavioral, correlation-driven
Hands-on experience with log schemas, field normalization, and event modeling
Familiarity with modern data platforms (Databricks strongly preferred)
Experience integrating detections into SIEM / log analytics platforms
e.g., Log Insight, Splunk, Sentinel
Deep technical fluency in detection engineering, schema design, and security analytics
Experience explaining complex logic to engineering, security, and program stakeholders
Ability to reverse-engineer and explain complex detection logic
Strong documentation and verbal explanation skills
Comfortable advising senior technical and security stakeholders
Knowledge of detection frameworks (MITRE ATT&CK, detection catalogs) (preferred)
Active DoD Top-Secret Clearance
Job Type: Full-time
$140,000-$180,000
Benefits:
401(k)
401(k) matching
Dental insurance
Employee assistance program
Flexible schedule
Flexible spending account
Health insurance
Health savings account
Life insurance
Paid time off
Parental leave
Professional development assistance
Retirement plan
Tuition reimbursement
Vision insurance
Experience:
Security analytics/architecture, or detection engineering: 8 years (Preferred)
ARIA detection logic design: 5 years (Preferred)
Integrating detections into SIEM / log analytics platforms: 5 years (Preferred)
Explaining complex logic to stakeholders: 3 years (Preferred)
Security clearance:
Top Secret (Required)
Work Location: Remote