Remote (Global) Full-time

Unknown Company is hiring a Lead Detection Engineer (remote)

About the Role

Humana is looking for a Lead Detection Engineer to join our security team. This role provides technical execution and delivery of services for the Detection Engineering team, overseeing the SIEM and owning the lifecycle of high-fidelity custom threat detection content.

What You'll Do

  • Build and curate custom cyber threat detection content for the Humana enterprise environment.
  • Provide technical execution and delivery of services provided by the Detection Engineering team.
  • Oversee the SIEM and own the entire lifecycle of building and maintaining high-fidelity custom threat detection content.
  • Work closely with EIP’s Threat Management and Response teams as well as other IT and EIP teams.
  • Participate in an on-call rotation to support critical incidents.

What We're Looking For

  • Minimum of 7 years of combined experience across detection engineering, incident response, or security engineering.
  • Advanced technical knowledge of utilizing SIEM platforms on a large national or international scale.
  • Extensive experience creating and maintaining custom threat detection rules, leveraging enrichment data from threat intel and attack surface services.
  • Strong understanding of common threat adversary tools, tactics, and techniques.
  • Strong understanding of how to detect complex, multi-stage malware behaviors.
  • Experience creating and maintaining technical policies, standards, procedures, and documentation.
  • Able to participate in an on-call rotation to support critical incidents.

Nice to Have

  • Advanced knowledge of writing scheduled queries in Splunk’s Search Processing Language (SPL).
  • Experience using the Splunk Common Information Model (CIM), Enterprise Security (ES) app, and security data models to develop and deliver threat detection services.
  • Strong familiarity with MITRE ATT&CK or similar frameworks.
  • Familiarity with system and network administration in both on-premise and multi-cloud environments.
  • Experience supporting threat detection and response services within regulatory frameworks such as HIPAA, PCI, SOC2, etc.
  • Professional certification in a relevant cybersecurity field (e.g., CISSP, CISA, CISM, CCSP).
  • Bachelor’s degree or higher in Computer Science, Cybersecurity, Information Technology, or a related field.

Technical Stack

  • SIEM platforms
  • Splunk
  • Splunk Search Processing Language (SPL)
  • Splunk Common Information Model (CIM)
  • Splunk Enterprise Security (ES) app

Team & Environment

Works closely with EIP’s Threat Management and Response teams as well as other IT and EIP teams.

Benefits & Compensation

  • Medical, dental and vision benefits
  • 401(k) retirement savings plan
  • Time off (including paid time off, company and personal holidays, volunteer time off, paid parental and caregiver leave)
  • Short-term and long-term disability
  • Life insurance
  • Compensation: $129,300 - $177,800 per year

Work Mode

This is a remote position.

It is the policy of Humana not to discriminate against any employee or applicant for employment because of race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or protected veteran status.

Required Skills

  • SIEM platforms
  • Splunk
  • Splunk Search Processing Language (SPL)
  • Splunk Common Information Model (CIM)
  • Splunk Enterprise Security (ES)
  • cybersecurity
  • threat detection
  • incident response
  • security monitoring
  • log analysis
  • security frameworks
  • cloud security
  • automation
  • scripting
  • communication

Job Details
Category security
Posted 8 months ago