Responsibilities
- Lead detection engineering initiatives across the organization's IT environment, including areas where IT intersects with operational technology or physical systems.
- Design, implement, and refine detection logic as code, incorporating peer review, continuous integration and deployment pipelines, and performance evaluation using precision and recall metrics.
- Utilize artificial intelligence and machine learning techniques to develop scalable behavioral analytics and anomaly-based detection systems.
- Create innovative detection tools featuring autonomous capabilities powered by large language models for incident triage, investigation, and response automation.
- Define engineering standards, detection coverage strategies, and quality benchmarks for the detection engineering function.
- Perform threat and security research to inform detection rules, identify coverage deficiencies, and guide the development of new detection capabilities.
- Collaborate with security platform engineering, incident response teams, and threat intelligence units to ensure seamless transition from detection to response.
- Serve in an on-call rotation to support incident response activities.
