Cyber Threat Detection & Response Engineer

1 month, 2 weeks ago
Full-time
Mid Level
Cybersecurity

UltraViolet Cyber

UltraViolet Cyber is a cybersecurity company focused on unified offensive and defensive security operations. It describes itself as a practitioner-led MSSP delivering managed detection and response, SOC-as-a-Service, red teaming, penetration testing, application security testing, continuous threat exposure management, and dedicated defense, with its UV Lens Security-as-Code platform at the core of its integrated security operations approach.

Computer and Network Security
501-1000

Description

  • Proactively hunt for hidden threats across endpoints, networks, cloud, and applications.
  • Create and tune detection rules to alert SOC analysts to intrusions and reduce false positives.
  • Develop and execute hypothesis-driven threat hunting campaigns using security data and threat intelligence.
  • Analyze large volumes of log, endpoint, and network data to identify anomalous or malicious activity.
  • Research adversary tactics, techniques, and procedures and map findings to frameworks such as MITRE ATT&CK.
  • Collaborate with Detection Engineering, Incident Response, and SOC teams to refine detections, investigate incidents, and contain threats.
  • Partner with Threat Intelligence to operationalize indicators and adversary insights.
  • Engage with internal account teams and customers to report findings, explain detection strategies, and strengthen security posture.
  • Provide technical mentorship to junior threat hunters and SOC analysts.
  • Contribute to continuous improvement of detection engineering and threat hunting methodologies.

Requirements

  • U.S. citizenship is required.
  • 4+ years of experience in cybersecurity, including at least 2 years focused on threat hunting or detection engineering.
  • Experience independently building custom behavior-based and/or threshold-based detections from scratch in customer environments.
  • Experience building detections in SentinelOne, Elastic, or CrowdStrike.
  • Experience identifying and tuning flaws in existing detections to reduce noise.
  • Experience independently building and performing hypothesis-driven threat hunts in customer environments.
  • Ability to clearly and concisely report threat hunting findings.
  • Experience meeting with customers and senior leadership to explain detections and threat hunt findings.
  • Experience mapping detections to the MITRE ATT&CK framework.
  • Working knowledge of the cyber threat landscape, including threat actors, malware, and evolving TTPs.
  • Experience working with cyber threat intelligence analysts or teams to identify new detection opportunities.
  • Proficiency with SIEMs, EDR/XDR platforms, and log analysis tools.
  • Experience with scripting languages such as Python or PowerShell.
  • Experience with pentesting or red teaming is preferred.
  • Experience with reverse engineering is preferred.
  • GIAC Threat Hunting (GCTH), Certified Enterprise Defender (GCED), or Certified Intrusion Analyst (GCIA) certification(s) are preferred.

Benefits

  • $100,000 - $120,000 annual salary range.
  • 401(k) with employer match of 100% of the first 3% contributed and 50% of the next 2% contributed.
  • Medical, dental, and vision insurance available on the first day of the month following your start date.
  • Group term life, short-term disability, and long-term disability coverage.
  • Voluntary life, hospital indemnity, accident, and critical illness coverage options.
  • Participation in the Discretionary Time Off (DTO) program.
  • 11 paid holidays annually.

Interested in this position?

Apply directly on the company website
