Security Engineer (Detection Engineering) - Fully Remote
Job Description
General Description
Join a high-impact security program with a technology-driven organization. We are looking for a Security Engineer (Detection Engineering) to strengthen and scale threat detection capabilities across cloud, endpoint, and identity environments.
This role is ideal for a hands-on security engineer with deep experience in detection engineering, SIEM platforms, and modern security tooling, who can design, build, and continuously improve high-fidelity detections that support rapid incident response and threat visibility.
This is a fully remote, contract role with an urgent hiring timeline, supporting a distributed security team.
Key Responsibilities
- Design, develop, and maintain security detections across multiple platforms and telemetry sources.
- Build and tune detection logic, alerting rules, and correlations to improve signal quality and reduce false positives.
- Leverage and integrate security tools including Chronicle, AWS security services, CrowdStrike, Google SecOps, JumpCloud, and Okta.
- Analyze security events and telemetry to identify attacker techniques, behaviors, and patterns.
- Align detections with frameworks such as MITRE ATT&CK to ensure comprehensive coverage.
- Partner closely with incident response and security operations teams to support investigations and containment.
- Continuously improve detection coverage based on emerging threats, incidents, and lessons learned.
- Document detection use cases, logic, and response guidance to support operational consistency.
- Collaborate with cloud, platform, and engineering teams to ensure effective log ingestion and data quality.
Required Skills & Experience
- Proven experience as a Security Engineer or Detection Engineer in an enterprise or large-scale environment.
- Strong hands-on experience with SIEM and detection platforms, preferably Chronicle / Google SecOps.
- Solid understanding of cloud security, particularly AWS.
- Experience working with endpoint security tools such as CrowdStrike.
- Practical knowledge of identity and access management solutions including Okta and JumpCloud.
- Ability to write, optimize, and maintain detection queries, rules, and correlations.
- Strong understanding of modern cyber threats, attacker TTPs, and detection methodologies.
- Excellent analytical, problem-solving, and communication skills.
Engagement Details
- Engagement Type: Contract
- Duration: 6 months (initial), with possible extension
- Start Date: ASAP
- Work Setup: Fully Remote (Pakistan-based candidates)