Security Architect

Detection Engineer (SIEM & Threat Detection)

The Detection Engineer will be responsible for reviewing, tuning, and developing detection rules within the State SIEM environment. This role focuses on improving detection coverage, supporting security operations, monitoring threat intelligence sources, and collaborating with SOC analysts, threat hunters, and engineering teams. Preference will be given to candidates who can work onsite, followed by hybrid candidates, with full-time remote considered as needed.

Key Responsibilities

• Review and tune existing detection rules within the State SIEM.
• Perform gap analysis of current detection coverage.
• Develop detection rules and solutions to address identified gaps.
• Monitor threat intelligence sources for emerging use cases.
• Collaborate with State SOC analysts to create and tune detection rules.
• Work with the State Threat Hunter to identify and remediate detection coverage gaps.
• Document processes, runbooks, and troubleshooting procedures related to SOAR platforms and integrations.
• Coordinate with engineering teams, SOC personnel, and agency staff to achieve project goals.
• Create dashboards and reporting solutions.
• Perform other duties as assigned.

Required Qualifications

• Proven experience with detection tuning and detection development.
• Bachelor's degree in Information Technology, Information Security, or a related field.
• Eight years of relevant work experience may be substituted in lieu of education.
• Five years of experience supporting large IT environments and/or system deployments.
• 5+ years of strong scripting and automation experience using Python, Bash, PowerShell, or similar technologies.
• Understanding of Sigma, YARA, and other industry-standard detection languages.
• Familiarity with the MITRE ATT&CK framework.

Preferred Qualifications

• Experience with the Palo Alto Cortex XSIAM platform.
• Deep understanding of Windows and Linux artifacts.
• Excellent communication and customer service skills for agency-facing engagement.
• Experience working in a multi-tenancy environment.
• Experience supporting multi-agency or enterprise service projects.
• CISSP, CISA, CISO, or equivalent advanced security certification.
• Additional relevant certifications such as CEH, OSCP, or GPEN.
• Vendor certifications in Detection Engineering.

What Makes HTC A Great Place To Build Your Future

HTC Global Services wants you to join our team. Come build new things with us and advance your career. At HTC Global, you'll collaborate with experts, work alongside clients, and be part of high-performing teams driving success together. You'll have long-term opportunities to grow your career and develop skills in the latest emerging technologies.

At HTC Global Services, our employees have access to a comprehensive benefits package. Benefits can include Group Health (Medical, Dental, and Vision), Paid Time Off, Paid Holidays, 401(k) matching, Group Life and Disability insurance, Professional Development opportunities, Wellness programs, and a variety of other perks.

Our success as a company is built on inclusion and diversity. HTC Global Services is committed to providing a workplace free from discrimination and harassment, where every employee is treated with dignity and respect. We celebrate differences and believe that diverse cultures, perspectives, and skills drive innovation and success. HTC is an Equal Opportunity Employer and a proud National Minority Supplier. We seek to empower each individual, fostering an environment where everyone feels valued, included, and respected.