As a Threat Detection & Automation Engineer, you will enable end-to-end detection engineering across telemetry onboarding, detection content development, response automation, and threat reporting ...
As a Threat Detection & Automation Engineer, you will enable end-to-end detection engineering across telemetry onboarding, detection content development, response automation, and threat reporting ...
Agent-Led Detection Pipelines: Architect automated detection engineering workflows where AI agents ingest threat intelligence, map it to modern cybersecurity frameworks, and autonomously author, test ...
Agent-Led Detection Pipelines: Architect automated detection engineering workflows where AI agents ingest threat intelligence, map it to modern cybersecurity frameworks, and autonomously author, test ...
Cybersecurity Engineer
Alpharetta, GA · Remote
Detection engineering and use-case development. * ETL, normalization, SQL, python notebooks, anomaly detection. * Emerging threat research and threat intelligence gathering. * SOC tier 3 escalation ...
Cybersecurity Engineer
Alpharetta, GA · Remote
Detection engineering and use-case development. * ETL, normalization, SQL, python notebooks, anomaly detection. * Emerging threat research and threat intelligence gathering. * SOC tier 3 escalation ...
You will partner closely with detection engineering, security operations, and incident response teams in a cloud environment, with a primary focus on proactive detection development and signal ...
You will partner closely with detection engineering, security operations, and incident response teams in a cloud environment, with a primary focus on proactive detection development and signal ...
Cyber Threat Hunter
Alpharetta, GA · On-site
You will partner closely with detection engineering, security operations, and incident response teams in a cloud environment, with a primary focus on proactive detection development and signal ...
Cyber Threat Hunter
Alpharetta, GA · On-site
You will partner closely with detection engineering, security operations, and incident response teams in a cloud environment, with a primary focus on proactive detection development and signal ...
You will also influence detection engineering and response automation by identifying content gaps, validating improvements against live telemetry, and converting operational lessons learned into ...
You will also influence detection engineering and response automation by identifying content gaps, validating improvements against live telemetry, and converting operational lessons learned into ...
Lead a detection engineering function responsible for building and maintaining detection content and analytics across the enterprise. * Develop detection standards (naming, severity, testing criteria ...
Lead a detection engineering function responsible for building and maintaining detection content and analytics across the enterprise. * Develop detection standards (naming, severity, testing criteria ...
Maintain ticket management and DevOps activity tracking to ensure accurate work intake ... Threat detection development in Microsoft Sentinel and Defender platforms sing KQL. * Align ...
Maintain ticket management and DevOps activity tracking to ensure accurate work intake ... Threat detection development in Microsoft Sentinel and Defender platforms sing KQL. * Align ...
Maintain ticket management and DevOps activity tracking to ensure accurate work intake ... Threat detection development in Microsoft Sentinel and Defender platforms sing KQL. * Align ...
Maintain ticket management and DevOps activity tracking to ensure accurate work intake ... Threat detection development in Microsoft Sentinel and Defender platforms sing KQL. * Align ...
Join our Information Security team as an Information Security Engineer - Detection & Response, where you'll play a critical role in safeguarding the firm by monitoring and responding to security ...
Join our Information Security team as an Information Security Engineer - Detection & Response, where you'll play a critical role in safeguarding the firm by monitoring and responding to security ...
Join our Information Security team as an Information Security Engineer - Detection & Response, where you'll play a critical role in safeguarding the firm by monitoring and responding to security ...
Join our Information Security team as an Information Security Engineer - Detection & Response, where you'll play a critical role in safeguarding the firm by monitoring and responding to security ...
Staff, Security Engineer
$129K - $216K/yr
Strong experience in detection engineering, threat hunting, SIEM/XDR/EDR, MITRE ATT&CK, Sigma, OCSF, threat intelligence, and enterprise security operations. Cloud & Infrastructure: Advanced ...
Staff, Security Engineer
$129K - $216K/yr
Strong experience in detection engineering, threat hunting, SIEM/XDR/EDR, MITRE ATT&CK, Sigma, OCSF, threat intelligence, and enterprise security operations. Cloud & Infrastructure: Advanced ...
We Are Accenture Security helps organizations prepare, protect, detect, respond, and recover along ... Engineers who cannot deliver without them are. The Work Cybersecurity FDEs operate as part of ...
We Are Accenture Security helps organizations prepare, protect, detect, respond, and recover along ... Engineers who cannot deliver without them are. The Work Cybersecurity FDEs operate as part of ...
We Are Accenture Security helps organizations prepare, protect, detect, respond, and recover along ... Engineers who cannot deliver without them are. The Work Cybersecurity FDEs operate as part of ...
We Are Accenture Security helps organizations prepare, protect, detect, respond, and recover along ... Engineers who cannot deliver without them are. The Work Cybersecurity FDEs operate as part of ...
We Are Accenture Security helps organizations prepare, protect, detect, respond, and recover along ... Engineers who cannot deliver without them are. The Work Cybersecurity FDEs operate as part of ...
New
We Are Accenture Security helps organizations prepare, protect, detect, respond, and recover along ... Engineers who cannot deliver without them are. The Work Cybersecurity FDEs operate as part of ...
New
Cyber Security Engineer II
Atlanta, GA · Hybrid
$130K - $155K/yr
Cyber Security Engineer II Location(s): Atlanta: 2300 Windy Ridge Pkwy SE, Suite750, Atlanta, GA ... and detection capabilities. Education Requirements: Bachelor's degree preferred, high school ...
Cyber Security Engineer II
Atlanta, GA · Hybrid
$130K - $155K/yr
Cyber Security Engineer II Location(s): Atlanta: 2300 Windy Ridge Pkwy SE, Suite750, Atlanta, GA ... and detection capabilities. Education Requirements: Bachelor's degree preferred, high school ...
GreyMatter Specialist
Dublin, GA · On-site
Why be just a "Security Analyst", "Detection Developer", or "Security Engineer" when you can be all three? As a GreyMatter Specialist, you will do all of that and more. This role is uniquely designed ...
GreyMatter Specialist
Dublin, GA · On-site
Why be just a "Security Analyst", "Detection Developer", or "Security Engineer" when you can be all three? As a GreyMatter Specialist, you will do all of that and more. This role is uniquely designed ...
Cloud Engineer
Atlanta, GA · Hybrid
$140K - $160K/yr
Familiarity with SIEM detection engineering concepts and security logging pipelines. * Knowledge of security frameworks and models such as NIST CSF, CIS Controls, and MITRE ATT&CK * Relevant ...
Cloud Engineer
Atlanta, GA · Hybrid
$140K - $160K/yr
Familiarity with SIEM detection engineering concepts and security logging pipelines. * Knowledge of security frameworks and models such as NIST CSF, CIS Controls, and MITRE ATT&CK * Relevant ...
Technical & Bus Analyst - Data & Applications
Stone Mountain, GA · On-site
$64K - $125K/yr
... SIEM, Detection Engineering, or Threat Ops teams. • Understanding modern attack techniques, identity abuse patterns, and cloud threats. Roles & Responsibilities • Engage and coordinate with ...
Technical & Bus Analyst - Data & Applications
Stone Mountain, GA · On-site
$64K - $125K/yr
... SIEM, Detection Engineering, or Threat Ops teams. • Understanding modern attack techniques, identity abuse patterns, and cloud threats. Roles & Responsibilities • Engage and coordinate with ...
Cloud Engineer
Atlanta, GA · Hybrid
$140K - $160K/yr
Experience with container security (AKS, ACA, on-prem Kubernetes) Experience integrating security tools with ServiceNow Familiarity with SIEM detection engineering concepts and security logging ...
Cloud Engineer
Atlanta, GA · Hybrid
$140K - $160K/yr
Experience with container security (AKS, ACA, on-prem Kubernetes) Experience integrating security tools with ServiceNow Familiarity with SIEM detection engineering concepts and security logging ...
Detection Engineer information
See Georgia salary details
$8.6K - $21.4K
0% of jobs
$21.4K - $34.2K
0% of jobs
$34.2K - $47.1K
0% of jobs
$47.1K - $59.9K
0% of jobs
$59.9K - $72.7K
0% of jobs
$72.7K - $85.6K
0% of jobs
$85.6K - $98.4K
22% of jobs
$108.9K is the 25th percentile. Wages below this are outliers.
$98.4K - $111.3K
4% of jobs
The median wage is $122.4K / yr.
$111.3K - $124.1K
28% of jobs
$132.4K is the 75th percentile. Wages above this are outliers.
$124.1K - $136.9K
33% of jobs
$136.9K - $149.8K
13% of jobs
$8.6K
$121.7K
$149.8K
How much do detection engineer jobs pay per year?
What does a Detection Engineer do?
A Detection Engineer is responsible for identifying, analyzing, and mitigating security threats by developing detection rules, monitoring security systems, and responding to potential incidents. They work with security tools like SIEMs, EDRs, and IDS/IPS to detect malicious activity and improve threat detection capabilities. Additionally, they collaborate with security teams to enhance defensive strategies and automate detection processes.
What kind of projects or tasks does a Detection Engineer typically work on?
As a Detection Engineer, you can expect to work on designing, implementing, and refining security detection strategies to identify potential threats and vulnerabilities in company systems. Daily responsibilities often include developing detection logic, analyzing security alerts, conducting threat hunting exercises, and collaborating with incident response teams. You may also work closely with other cybersecurity professionals to evaluate the effectiveness of existing security measures and recommend improvements. This dynamic environment offers opportunities to work on complex technical challenges while directly contributing to the organization’s overall security posture.
What are the key skills and qualifications needed to thrive in the Detection Engineer position, and why are they important?
To thrive as a Detection Engineer, you need strong analytical skills, a solid understanding of cybersecurity principles, and experience with threat detection and response, often supported by a degree in computer science or a related field. Proficiency with security information and event management (SIEM) tools, intrusion detection/prevention systems, and certifications like GIAC or CISSP are commonly required. Attention to detail, proactive problem-solving abilities, and effective communication enhance effectiveness in this role. These skills are crucial as Detection Engineers must accurately identify security threats, collaborate with teams, and minimize potential risks to the organization.
Full-time
Medical, Dental, Vision, Life, Retirement
Re-posted 6 days ago
Job description
Calling all innovators - find your future at Fiserv.
We're Fiserv, a global leader in Fintech and payments, and we move money and information in a way that moves the world. We connect financial institutions, corporations, merchants and consumers to one another millions of times a day - quickly, reliably, and securely. Any time you swipe your credit card, pay through a mobile app, or withdraw money from the bank, we're involved. If you want to make an impact on a global scale, come make a difference at Fiserv.
Job Title
Threat Detection & Automation EngineerAbout your role:
As a Threat Detection & Automation Engineer, you will enable end-to-end detection engineering across telemetry onboarding, detection content development, response automation, and threat reporting within Cyber Security Operations at Fiserv. You will be a partner with threat intelligence, threat hunting, incident response, red team, platform, and engineering teams to build and operate resilient detection infrastructure and integrations at enterprise scale. Your work will strengthen detection fidelity, improve operational awareness, and help teams respond quickly to credible threats across the Fiserv environment.
What you'll do:
- Research adversarial techniques and translate threat behaviors into high-fidelity detections aligned to complex cybersecurity use cases.
- Design, build, and operate production-grade security detection infrastructure across Google SecOps and internal automation applications that support enrichment, orchestration, and response workflows.
- Lead telemetry and detection lifecycles, including source onboarding, parsing, normalization, enrichment, testing, deployment, tuning, and ongoing maintenance.
- Develop custom integrations, automations, and lightweight services using application programming interfaces (APIs), webhooks, and event-driven patterns to improve signal fidelity and reduce mean time to detect and mean time to respond.
- Create dashboards, metrics, and reports using business intelligence tools, structured query language (SQL), statistical analysis, and applied artificial intelligence and machine learning techniques to improve threat visibility and operational reporting.
- Apply Python, prompt-driven workflows, model context protocol (MCP) capabilities, and agent-to-agent orchestration patterns to support detection engineering, enrichment, and analytic decision support.
- Collaborate with threat intelligence, threat hunters, incident responders, red team, and engineering partners to evaluate detection coverage gaps and improve defensive capabilities.
- Manage work through Agile practices, documenting requirements, tracking delivery, and maintaining reliable platform operations across hybrid environments.
Experience you'll need to have:
- 8+ years of experience in cybersecurity engineering, security operations, or detection engineering, including building and maintaining detections for enterprise security environments.
- 8+ years of experience developing and tuning detections using security information and event management (SIEM) technologies, security orchestration, automation, and response (SOAR) platforms, and correlated rule logic for complex threat scenarios.
- 8+ years of experience scripting and automation development using Python, SQL, PowerShell, Bash, or similar languages to support integrations, telemetry processing, and response workflows.
- 8+ years of experience working with cybersecurity technologies such as endpoint detection and response (EDR), intrusion detection system or network detection and response (IDS/NDR), user and entity behavior analytics (UEBA), data loss prevention (DLP), web application firewall (WAF), proxy technologies, and cloud security services.
- Experience designing and supporting API integrations using representational state transfer (REST), JavaScript Object Notation (JSON), webhooks, OAuth, service accounts, and event-driven messaging patterns with measurable reliability and observability outcomes.
- Experience applying MITRE ATT&CK, detection coverage analysis, telemetry mapping, dashboard development, and threat reporting to improve cyber detection quality and operational awareness.
- Bachelor's degree in cybersecurity, computer science, information technology, engineering, or a related field, or equivalent combination of education, related experience and/or military experience.
Experience that would be great to have:
- Experience with Google SecOps in enterprise-scale detection engineering or security operations environments.
- Experience applying artificial intelligence, machine learning, feature engineering, prompt engineering, and AI-assisted coding to cybersecurity analytics, enrichment, or automation use cases.
- Experience with infrastructure as code, continuous integration and continuous delivery (CI/CD), Git-based workflows, and platform automation using tools such as Terraform.
- Industry certifications such as GIAC Certified Incident Handler, GIAC Security Operations Certified, GIAC Certified Intrusion Analyst, GIAC Penetration Tester, GIAC Defending Advanced Threats, or equivalent certification.
How you'll work:
- This role is on-site Monday through Friday. Fiserv considers in-person collaboration to be an essential part of this role as in-person office experiences help you with your overall onboarding experience and leads to stronger productivity.
Sponsorship:
You must currently possess valid and unrestricted U.S. work authorization to be considered for this role. Individuals with temporary visas including, but not limited to, F-1 (OPT, CPT, STEM), H-1B, H-2, or TN, or any candidate requiring sponsorship, now or in the future, will not be considered for this role.
Benefits at Fiserv:
- Fuel Your Life program to support your physical, financial, social, and emotional well-being.
- Paid holidays and generous time away policies.
- No-cost mental health support through Employee Assistance Programs.
- Living Proof program to recognize your peers' extra effort with points redeemable for rewards.
- Eight Employee Resource Groups to foster a collaborative culture and expand your network.
- Unparalleled professional growth with training, development, and internal mobility opportunities.
- Medical, dental, vision, life, and disability insurance options available from day one.
- Retirement planning including 401k match and discounted shares with the Employee Stock Purchase Plan.
- Tuition assistance and reimbursement program.
- Paid parental and military leave.
#LI-MJ1
Salary Range
$146,000.00 - $244,800.00These pay ranges apply to employees in New Jersey and New York. Pay ranges for employees in other states may differ.
It is unlawful to discriminate against a prospective employee due to the individual's status as a veteran.
For incentive eligible associates, the successful candidate is eligible for an annual incentive opportunity which may be delivered as a mix of cash bonus and equity awards in the Company's sole discretion.Thank you for considering employment with Fiserv. Please:
- Apply using your legal name
- Complete the step-by-step profile and attach your resume (either is acceptable, both are preferable).
Our commitment to Equal Opportunity:
Fiserv is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, gender, gender identity, sexual orientation, age, disability, protected veteran status, or any other category protected by law.
If you have a disability and require a reasonable accommodation in completing a job application or otherwise participating in the overall hiring process, please contactAskHR.US@fiserv.com. Please note our AskHR representatives do not have visibility to your application status. Current associates who require a workplace accommodation should refer to Fiserv's Disability Accommodation Policy for additional information.
Note to agencies:
Fiserv does not accept resume submissions from agencies outside of existing agreements.Please do not send resumes to Fiserv associates. Fiserv is not responsible for any fees associated with unsolicited resume submissions.
Warning about fake job posts:
Please be aware of fraudulent job postings that are not affiliated with Fiserv. Fraudulent job postings may be used by cyber criminals to target your personally identifiable information and/or to steal money or financial information. Any communications from a Fiserv representative will come from a legitimate Fiserv email address.