Senior Security Engineer - Threat Intelligence & Detection Engineering (Hybrid - Seattle)
$142k - $220.5kNordstrom
Job Description The Senior Security Engineer on the TIDE team is a hybrid practitioner who writes detection rules, hunts adversary activity across the data lake, and builds the automation that ties it all together. This role requires functional depth in at least two of the following domains: detection engineering, threat intelligence, threat hunting, security automation, investigation analysis, and incident response. This role reports to the Sr. Manager of Threat Intelligence & Detection Engineering and serves as a lead technical contributor on the TIDE team, with independent project horizons of up to 120 days. Responsibilities Detection Engineering Design, develop, and maintain high-fidelity detection rules in CrowdStrike NG-SIEM (LogScale/CQL) across endpoint, email, identity, network, and cloud domains Operationalize the full detection lifecycle: threat modeling, logic development, empirical testing, deployment, tuning, and retirement Build detection content aligned to MITRE ATT&CK, threat actor TTPs, and internal threat model priorities Translate threat intelligence findings, incident post-mortems, and hunt discoveries into durable detection logic Enforce detection engineering standards including taxonomy, quality criteria, and review processes Threat Intelligence Collect, analyze, and operationalize tactical and technical threat intelligence from open-source, commercial, and internal sources Produce actionable intelligence products including threat actor profiles, TTP summaries, and IOC packages that directly inform detection priorities and hunting hypotheses Monitor threat actor campaigns targeting retail and e-commerce environments across email, endpoint, identity, supply chain, and insider risk vectors Collaborate with CSIRT and SOC to enrich active investigations with adversary context Apply AI-assisted tooling to accelerate intelligence processing, IOC enrichment, and adversary research Threat Hunting Design and execute hypothesis-driven threat hunts across endpoint, email, identity, network, and cloud telemetry Apply structured hunting methodologies (MITRE ATT&CK-based, data-driven, indicator-based) to surface undetected adversary activity Document hunt outcomes—including negative results—and feed confirmed patterns back into the detection library Maintain visibility into coverage gaps and drive new hunt-to-detect cycles to close them SOC & Incident Response Support Provide technical escalation support for complex incidents involving identity compromise, endpoint intrusion, lateral movement, and data exfiltration Conduct targeted forensic and log-based analysis during active investigations, contributing to root cause determination and containment decisions Develop and maintain investigation runbooks and analyst guidance to improve SOC response fidelity Translate post-incident lessons learned into detection and hunting improvements Automation and Tooling Build and maintain automation that accelerates detection deployment, alert triage, case enrichment, and threat intel processing Develop integrations between SIEM, EDR, email security, SOAR, and threat intelligence platforms to reduce analyst toil Apply scripting (Python, PowerShell) to operationalize repetitive workflows including IOC ingest, log parsing, and detection validation Leverage AI and machine learning tools to improve detection quality, reduce false positive rates, and accelerate triage Collaboration and Mentorship Mentor less experienced team members through code review, knowledge transfer, and structured guidance Partner with SOC, IAM, Platform Engineering, Email Security, and Cloud teams to ensure telemetry quality and detection coverage Contribute to cross-functional initiatives including purple team exercises, tabletop scenarios, and platform migration readiness Required Qualifications 4+ years of professional experience in detection engineering, threat intelligence, SOC/IR, threat hunting, or security automation Demonstrated proficiency writing detection logic in at least one enterprise SIEM or XDR platform; CrowdStrike NG-SIEM (LogScale/CQL) experience strongly preferred Working knowledge of MITRE ATT&CK at the technique and sub-technique level; ability to map adversary behaviors to telemetry sources and detection logic Hands-on experience with EDR analysis, behavioral anomaly detection, and investigation of post-exploitation activity Hands-on experience with hypothesis-driven threat hunting; ability to document and execute an end-to-end hunt Scripting proficiency in Python and/or PowerShell for automation, log parsing, or investigative tooling Experience contributing to incident response for malware incidents, identity-based attacks, or insider threats Strong written communication skills; ability to produce clear, actionable documentation, detection rationale, and intelligence products Bachelor’s degree in Computer Science, Information Security, or related field, or equivalent professional experience Preferred Qualifications Familiarity with identity attack patterns including AiTM, MFA fatigue, session hijacking, token replay, and adversarial abuse of SSO and federated identity platforms Experience with enterprise email security platforms and email-based threat detection including phishing, BEC, and malicious delivery mechanisms Exposure to SOAR platforms and workflow automation (CrowdStrike Fusion or equivalent) Experience with threat intelligence platforms (MISP, ThreatConnect, Recorded Future) and structured intel formats (STIX/TAXII) Knowledge of detection-as-code practices, version control (Git), and CI/CD integration for detection deployment Experience with cloud security telemetry (Azure, AWS) and cloud-native attack detection Demonstrated use of AI tools to accelerate detection development, security operations, or threat research Intermediate or advanced certifications such as GIAC GCIA, GCIH, GCTI, GDAT, or equivalent Pay Range Details Pay offers are dependent on the location, as well as job-related knowledge, skills, and experience. $142,000.00 - $220,500.00 Annual Benefits Medical/Vision, Dental, Retirement and Paid Time Away Life Insurance and Disability Merchandise Discount and EAP Resources 401k, medical/vision/dental/life/disability insurance options, PTO accruals, Holidays, and more Equal Opportunity & Legal Notices Applicants with disabilities who require assistance or accommodation should contact the nearest Nordstrom location, which can be identified at For Los Angeles or San Francisco applicants: Nordstrom is required to inform you that we conduct background checks after conditional offer and consider qualified applicants with criminal histories in a manner consistent with legal requirements per Los Angeles, Cal. Muni. Code 189.04 and the San Francisco Fair Chance Ordinance. For additional state and location specific notices, please refer to the Legal Notices document within the FAQ section of the Nordstrom Careers site. Review the Career Site FAQ’s for relevant information and guidelines. © 2026 Nordstrom, Inc #J-18808-Ljbffr Nordstrom
$142k - $220.5k
Sr. Network Security Engineer (Hybrid - Seattle, WA) Job Description Are you passionate about securing the infrastructure... ...that mission, we are hiring a Senior Network Security Engineer to join... ...Author engineering documentation, threat models, and security runbooks;...Senior$165k - $242k
...CoreWeave’s Information Security team is seeking an... ...talented offensive security engineer to join our team. As... ...exercises Conduct threat modeling, code reviews... ...Experience with EDR tuning, detections-as-code, and threat... ...While we prioritize a hybrid work environment,...SeniorPermanent employmentTemporary workCasual workWork at officeRemote workFlexible hours- lululemon in Seattle is hiring a Senior Cybersecurity Analyst to lead advanced analysis, risk evaluation, and security program activities across multiple domains, driving maturity and effectiveness of security processes. You will mentor junior analysts and guide cross‑functional...Senior
$159.3k - $202.4k
...(ACES) team, part of Amazon Cyber Threat Intelligence (ACTI), is responsible for developing... ...-driven analysis is required. As a Security Intelligence Engineer, you will help enhance our... ...02,400.00 USD annually USA, WA, Seattle - 159,300.00 - 202,400.00 USD annually...SuggestedInternshipFlexible hours$180k - $220k
...company specialized in AI is looking for a Senior Application Security Engineer to secure AI, machine learning, and... ...application security experience and expertise in threat modeling. This is a hybrid position based in either Seattle or San Francisco with a competitive...Senior- Aurora is seeking a Staff Security Platform Engineer for its Enterprise Security Engineering team in Seattle, WA. The successful candidate... ...security platforms, and strong threat hunting skills. The position... ...equity compensation in a hybrid work model. #J-18808-Ljbffr...Senior
$165k - $215k
Senior Security Engineer, Product & Application Security Seattle, Washington, United States Who we are The real world is the... ...we are creating the artificial intelligence to make it responsive. We are... ...application security reviews and threat modeling Lead secure SDLC and...SeniorTemporary workWork at officeLocal area$178.4k - $226.7k
Role, Inc. is seeking a Senior Security Engineer to lead security initiatives across multiple services in Seattle. The ideal candidate will have extensive experience in application security, threat modeling, and secure system design. Responsibilities include overseeing...Senior$300k - $405k
...Security Engineer, Detection & Response San Francisco, CA | New York City, NY | Seattle, WA; Washington, DC About Anthropic... ...to monitor for threats, rapidly investigate... ...with threat intelligence, malware analysis,... ...Location-based hybrid policy: Currently...Work at officeVisa sponsorshipFlexible hours- Nordstrom in Seattle seeks a Data Analyst III to own data collection and insights for the Transportation Organization. You’ll partner... .... A strong background in SQL, BI tools and forecasting is required in a collaborative, hybrid environment. #J-18808-Ljbffr NordstromSenior
- Nordstrom is seeking a Senior Security Engineer to join their team in Seattle. The individual will focus on detection engineering, threat hunting, and incident response, requiring expertise... ...a deep understanding of threat intelligence and the ability to transform findings...Senior
- Nordstrom is seeking a Senior Business Analyst for its Reporting & Optimization team in Seattle. This hybrid role involves delivering comprehensive reporting and analysis to... ...will partner with product, analytics, and engineering teams, build reporting tools, and conduct ad...Senior
$151.34k - $249.78k
...Senior Information Security Engineer The Information Security Engineer... ...Security Operations & Threat Detection is responsible for... ...on-premises, and hybrid environments. The... ...security intelligence, supports rapid response... ...Milliman office in Seattle, WA. The expected...SeniorFull timeTemporary workWork experience placementWork at officeWorldwideFlexible hours- VRPRO IT is seeking an Enterprise Integration Engineer (Oracle OIC) for a hybrid role in Seattle. You will design and implement enterprise integrations across Oracle ERP Cloud, Sales Cloud, CRM/CPQ, and external systems. Key tasks include building REST/SOAP interfaces,...Senior
- Spring Health is seeking a Staff AI Security Engineer to define and enhance our AI security strategy across product and corporate environments. This hybrid position located in Seattle requires team presence 2-3 days a week. The ideal candidate will bring over 10 years of...Senior2 days per week3 days per week
$100k
...against cyber attacks. Our threat detection platform defends the... ...We are seeking a Senior Threat Intelligence Automation Engineer to establish and lead Galvanick... ...intelligence for security operations or detection... ...Galvanick team is based in Seattle. Given that we are an...SeniorPermanent employmentWork at officeRelocation- A leading financial services firm in Seattle seeks a Senior Systems Engineer to develop and support a scalable infrastructure. This... ...Azure. Responsibilities include maintaining hybrid IT infrastructure, implementing cloud security, and enhancing system performance. The firm...SeniorWork at office
$160k - $210k
...Senior Security Engineer Seattle, Washington, United States Variant Bio is developing life-saving therapies by studying the genes... ...work with us. Key Responsibilities Monitor, detect, and respond to threats across Variant Bio's products and AWS cloud...SeniorFlexible hours$142k - $220.5k
## Senior Cloud Database Engineer (Hybrid - Seattle, WA)Applylocations: Seattle, WAtime type: Full timeposted on: Posted Todayjob requisition id: R-835834##... ...: HA/AG, backup strategy, performance tuning, security hardening, and P1 incident ownership.* Operate GoldenGate...Senior$180k - $220k
Senior Application Security Engineer, AI and Machine Learning San Francisco,... ...California, United States; Seattle, Washington, United... .... This is a hybrid role based in either... ...Learning Systems Perform threat modeling across AI... ...monitoring and detection for anomalous inference...SeniorContract workFor contractorsFor subcontractorWork at officeLocal areaHome officeFlexible hours$300k - $405k
...Detection And Response Engineer Anthropic's mission is to create reliable... ...to monitor for threats, rapidly investigate... ...opportunity to shape our security capabilities from... ...with threat intelligence, malware analysis, infrastructure... .... Location-based hybrid policy: Currently,...Work at officeVisa sponsorshipFlexible hours- ...Francisco, New York City, Seattle, Austin, Chicago, and... ...Join WRITER's security team as a staff detection and response engineer and help protect the AI... ...to stay ahead of novel threats that don't exist in textbooks... ...function, translating threat intelligence into real-time...Full timeWork at officeLocal areaFlexible hours
$237.6k - $297k
...We are seeking a Senior Security Engineer with a specialty in Detection and Incident Response to join our Security Engineering... ...the organization. Utilize threat intelligence platforms to improve hunting,... ...of San Francisco, New York, Seattle is: $237,600-$297,000 USD...Full time- ...Bridge33 Capital is seeking a Senior Analyst for Asset Management in Seattle, WA, to support Asset Managers by preparing operating budgets, tracking property... ...real estate private equity firm. The position is hybrid, requiring 4 days on-site each week. Ideal candidates...Senior
- ...McKinstry Company is seeking a Senior Accounts Receivable Specialist to join their Finance and Accounting division in Seattle, WA. This role focuses on managing accounts, cash application, and collections within a hybrid work setup. The ideal candidate will bring 4-6 years...Senior
$100k - $115k
RadNet, Inc. is looking for a Senior Accountant in Seattle, WA to oversee and reconcile intercompany accounting activities. The role demands experience... ...and be adept at using MS tools, including Excel. This hybrid position offers a compensation range of $100,000 to $115,0...Senior- ...Recruitment is partnering with a nationally ranked Am Law 200 firm to recruit a 5 to 9 year Corporate Associate Attorney for its Seattle office on a hybrid basis. The role centers on transactional corporate work, including M&A, financings, and governance for sophisticated...SeniorWork at office
- lululemon's Security Operations Center seeks a Senior Cybersecurity Analyst to lead advanced risk evaluations, investigations, and security program activities across governance, risk, compliance, and threat hunting. You will mentor junior analysts, coordinate cross‑functional...Senior
- RentSpree LLC is seeking a Staff Marketing Analyst in Seattle, WA (hybrid) to drive visibility across acquisition, revenue, and retention. You’ll partner with Marketing/Growth, Sales, and Success to turn raw data into actionable business outcomes, across US and Thailand...Senior
- ...maximize growth through effective media investment management. This hybrid role requires a strong command of marketing channels and analytics. Potential candidates should be based in Greater Seattle Area or willing to relocate. You'll operate independently and lead pivotal...SeniorRelocation
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior Security Engineer - Threat Intelligence & Detection Engineering (Hybrid - Seattle). Be the first to apply!
- IT security engineer Seattle, WA
- sr security engineer Seattle, WA
- information technology security engineer Seattle, WA
- endpoint security engineer Seattle, WA
- application security engineer Seattle, WA
- staff security engineer Seattle, WA
- security operations engineer Seattle, WA
- senior application security engineer Seattle, WA
- security engineering manager Seattle, WA
- aws cloud security engineer Seattle, WA

