1

Detection Engineer Jobs in Ohio (NOW HIRING)

Support development of cyber and EW defensive capabilities including detection engineering, intrusion detection/prevention, RF anomaly detection, and secure embedded system design. * Conduct RF ...

Senior Lead Security Engineer, AI

Columbus, OH · On-site

$110K - $151K/yr

Required : • Minimum 7 years of software/security engineering, including hands-on experience in one or more of: detection engineering, SecOps, AppSec/DevSecOps, or cloud security. • Minimum 3 ...

Lead a detection engineering function responsible for building and maintaining detection content and analytics across the enterprise. * Develop detection standards (naming, severity, testing criteria ...

Lead a detection engineering function responsible for building and maintaining detection content and analytics across the enterprise. * Develop detection standards (naming, severity, testing criteria ...

next page

Showing results 1-20

Detection Engineer information

See Ohio salary details

$10.1K

$143K

$176K

How much do detection engineer jobs pay per year?

As of Jul 16, 2026, the average yearly pay for detection engineer in Ohio is $142,968.00, according to ZipRecruiter salary data. Most workers in this role earn between $130,719.00 and $157,686.00 per year, depending on experience, location, and employer.

What does a Detection Engineer do?

A Detection Engineer is responsible for identifying, analyzing, and mitigating security threats by developing detection rules, monitoring security systems, and responding to potential incidents. They work with security tools like SIEMs, EDRs, and IDS/IPS to detect malicious activity and improve threat detection capabilities. Additionally, they collaborate with security teams to enhance defensive strategies and automate detection processes.

What kind of projects or tasks does a Detection Engineer typically work on?

As a Detection Engineer, you can expect to work on designing, implementing, and refining security detection strategies to identify potential threats and vulnerabilities in company systems. Daily responsibilities often include developing detection logic, analyzing security alerts, conducting threat hunting exercises, and collaborating with incident response teams. You may also work closely with other cybersecurity professionals to evaluate the effectiveness of existing security measures and recommend improvements. This dynamic environment offers opportunities to work on complex technical challenges while directly contributing to the organization’s overall security posture.

What are the key skills and qualifications needed to thrive in the Detection Engineer position, and why are they important?

To thrive as a Detection Engineer, you need strong analytical skills, a solid understanding of cybersecurity principles, and experience with threat detection and response, often supported by a degree in computer science or a related field. Proficiency with security information and event management (SIEM) tools, intrusion detection/prevention systems, and certifications like GIAC or CISSP are commonly required. Attention to detail, proactive problem-solving abilities, and effective communication enhance effectiveness in this role. These skills are crucial as Detection Engineers must accurately identify security threats, collaborate with teams, and minimize potential risks to the organization.

What are the most commonly searched types of Detection Engineer jobs in Ohio? The most popular types of Detection Engineer jobs in Ohio are:
Infographic showing various Detection Engineer job openings in Ohio as of July 2026, with employment types broken down into 89% Full Time, 9% Part Time, and 2% Contract. Highlights an 91% Physical, 2% Hybrid, and 7% Remote job distribution, with an average salary of $142,968 per year, or $68.7 per hour.

Senior Security Engineer - Elastic SIEM and Detection Engineering

Acronis

New Hampshire, OH • On-site

$102K - $140K/yr

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 23 hours ago


Job description

Acronis is a global leader in cyber protection, delivering AI-powered protection for productive MSPs in a single, natively integrated platform that unifies operations management, cybersecurity, and data protection. Driven by our mission to protect, manage and automate every workload that businesses and lives depend on, we've built the industry's only all-in-one solution.
We're looking for a Senior Security Engineer to lead our Elastic SIEM and Detection Engineering program. This is an engineering-first role focused on building scalable detection pipelines, improving telemetry quality, and developing high-confidence detections that help security teams move faster and respond more effectively.
You'll own the evolution of our Elastic Security environment - from log ingestion and platform optimization to Detection-as-Code pipelines and detection coverage strategy. This role is ideal for someone who enjoys building systems, improving signal quality, automating workflows, and solving detection engineering problems at scale.
While the primary focus is engineering, you'll also serve as a Tier 2 escalation point for complex security events, helping scope incidents, initiate containment when needed, and improve detections based on real-world activity.
This is a high-impact role with significant ownership and the opportunity to shape how detection engineering is implemented across the organization.

WHAT YOU'LL DO

Elastic SIEM & Platform Engineering:

  • Own and optimize the Elastic Security platform (Elasticsearch, Kibana, Fleet, Logstash, Elastic Agents)

  • Design and maintain ingestion pipelines for cloud, endpoint, network, and application telemetry

  • Improve telemetry quality, data retention, performance, and investigation workflows

  • Integrate SIEM workflows with SOAR and automation tooling

Detection Engineering & Detection-as-Code:

  • Build and maintain a Detection-as-Code pipeline using Git-based workflows and CI/CD automation

  • Develop, test, tune, and maintain high-fidelity detections using Elastic Security, EQL, and KQL

  • Reduce alert noise through tuning, enrichment, suppression, and exception handling

  • Map detections to MITRE ATT&CK and help drive detection coverage strategy

  • Track detection quality metrics including alert fidelity, false positive rates, and coverage gaps

Incident Response Support:

  • Assist with complex alert escalations and perform initial incident scoping

  • Execute initial containment actions when necessary (endpoint isolation, IP/domain blocking, account suspension)

  • Participate in a low-frequency on-call rotation for critical incidents

  • Translate incident learnings into improved detections and telemetry coverage

Collaboration & Automation:

  • Partner with infrastructure, DevSecOps, and cloud teams to improve logging and visibility

  • Build automation and tooling using Python and/or PowerShell

  • Support purple team exercises and adversary simulations

WHO WE'RE LOOKING FOR

  • 5+ years of cybersecurity engineering experience

  • 3+ years focused on SIEM engineering, detection engineering, or security analytics

  • Strong hands-on experience with Elastic Security and the Elastic Stack

  • Experience building or maintaining Detection-as-Code workflows using Git and CI/CD pipelines

  • Strong understanding of detection tuning, alert fidelity, and operational detection quality

  • Ability to independently investigate complex alerts and produce actionable findings

Technical Experience:

  • Elastic Security, Kibana, Fleet, Elastic Agents, EQL/KQL

  • Detection engineering and MITRE ATT&CK mapping

  • Jenkins, Bitbucket Pipelines, GitHub Actions, or similar CI/CD tooling

  • Python and/or PowerShell scripting

  • AWS CloudTrail, VPC Flow Logs, Azure Monitor, or similar telemetry sources

  • TCP/IP, DNS, HTTP/S, and common attack patterns

  • Threat intelligence enrichment and operationalization

Nice to Have:

  • SOAR playbook development and automated response workflows

  • Sigma rule development

  • Elastic detection-rules ecosystem familiarity

  • Terraform or Ansible experience

  • Previous SOC or Incident Response background

What Success Looks Like:

  • 30 Days: Validate telemetry sources and establish initial detection coverage baseline

  • 90 Days: Operational Detection-as-Code pipeline with initial custom detections deployed

  • 180 Days: Reduced alert noise, improved coverage visibility, and stabilized SIEM operations

WHO WE ARE

A Swiss company foundedin Singapore in2003, Acronis offers over twenty years of innovation with 15 offices worldwide and more than 1800 employees in 50+ countries. Acronis Cyber Protect is available in 26 languages in 150 countries and is used by over 20,000 service providers to protect over 750,000 businesses.

Our corporate culture centers on innovation, accountability, and impact. We encourage our people to think boldly, challenge conventional approaches, and take ownership of outcomes. As a member of our global "A-Team,"you'lloperatein a high-growth, fast-paced environment where resilience, adaptability, and a commitment to continuous improvement drive success.

The US pay range for this position is $123,000-$180,000. This range reflects the minimum andmaximumtotal target annual compensation for this role across all U.S. locations. The actual compensation offered at the start of employment isdeterminedbased on factors including, but not limited to, experience level, knowledge, skills, and geographic location.

In addition to competitive compensation, this role includes a comprehensive benefits package featuring medical, dental, and vision coverage, flexible spending accounts (FSA),disabilityand life insurance, a401(k) retirementplan with company match, and a generous vacation policy.

Acronis is an equalopportunityemployer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, marital status, national origin, physical or mental disability, medical condition, protectedveteran status, race, religion, sex (including pregnancy), sexual orientation, gender identity or expression, or any other characteristic protected by applicable laws, regulations and ordinances.