1

Detection Engineer Jobs in Oregon (NOW HIRING)

SOC Tier 3 Analyst

Portland, OR · On-site

$88K - $104K/yr

Citizenship with ability to obtain and maintain a DOE "L" clearance after start. * 5+ years of experience in SOC operations, incident response, detection engineering support, threat analysis, or ...

OR

$124K - $164K/yr

Experience in the cybersecurity domain is strongly preferred. (think SIEM, EDR/XDR, log pipelines, detection engineering, threat hunting, etc.). * A Collaborative, Curious, and Practical Mindset * Y ...

Collaborate with other security functions, engineering, product, support, business operations to ... Apply a threat modeling centric approach to incident detection and response * Maintain security ...

OR · Hybrid

Expanding into next-generation security domains such as AI/ML security, container security, and advanced threat detection and response. We are seeking a highly experienced Cloud Security Engineer ...

OR · On-site

$104K - $143K/yr

... to detect and stop sophisticated cyberattacks across hybrid cloud, identity, and network ... Experience * 6+ years of experience as a software engineer, machine learning engineer, or AI ...

Translate SOC, threat hunting, threat intelligence, incident response, and leadership requirements into Splunk architecture, data, dashboard, reporting, and detection engineering capabilities.

Fire Protection Engineer

$140K - $165K/yr

Responsibilities include ensuring that fire detection and suppression systems for projects comply ... The fire protection engineer will collaborate closely with the energy design team to develop fire ...

Senior Security Engineer

Clackamas, OR · On-site

$120K - $165K/yr

Senior Security Engineer Department: IT Group Employment Type: Full Time Location: Clackamas ... Support endpoint detection and response, antivirus tools, server/endpoint security controls 4: ...

Senior Security Engineer

Portland, OR · On-site

$121K - $166K/yr

Design and tune detection logic, alerts, and monitoring for threats and anomalous activity * Lead ... Partner with DevOps, SRE, and engineering teams to integrate security tooling into CI/CD pipelines

Lead Site Reliability Engineer

OR · Remote

$53.50 - $71/hr

Implement rules to detect deviations, implement improvements together with the teams. * Design and ... Champion SRE principles such as SLIs, SLOs, and error budgets. * Advocate for resilient ...

OR · On-site

We are seeking a highly skilled and results-oriented AI Security Engineer to support the ... Defines and operationalizes Monitoring, Detection & Incident Response capabilities for AI systems ...

Senior SIEM Engineer

$114K - $156K/yr

Translate detection requirements from threat hunters, CTI analysts, and engineering teams into ... production SIEM content mapped to the MITRE ATT&CK framework. * Integrate SIEM with SOAR, EDR, NDR ...

Senior Security Engineer

Clackamas, OR

$120K - $165K/yr

Summary: The Senior Security Engineer at Pacific Seafood is a key role in our information ... Support endpoint detection and response, antivirus tools, server/endpoint security controls 4: ...

Senior Security Engineer

Clackamas, OR · On-site

$120K - $165K/yr

Summary: The Senior Security Engineer at Pacific Seafood is a key role in our information ... Support endpoint detection and response, antivirus tools, server/endpoint security controls 4: ...

Support red team exercises and adversary simulation activities to test detection and response ... Security Engineering * Own remediation follow-through: translate pen test findings into security ...

Support red team exercises and adversary simulation activities to test detection and response ... Security Engineering * Own remediation follow-through: translate pen test findings into security ...

Our team is a group of engineers focused on designing, building, and optimizing real-time voice ... deepfake detection. We work at the intersection of advanced technology and personal security ...

New

AI Red Team Lead Engineer

Gresham, OR · On-site

$108K - $143K/yr

Partner with detection, engineering, and governance teams to support purple-team and control validation activities. * Contribute to AI security standards, testing guidance, and program strategy.

next page

Showing results 1-20

Detection Engineer information

What does a Detection Engineer do?

A Detection Engineer is responsible for identifying, analyzing, and mitigating security threats by developing detection rules, monitoring security systems, and responding to potential incidents. They work with security tools like SIEMs, EDRs, and IDS/IPS to detect malicious activity and improve threat detection capabilities. Additionally, they collaborate with security teams to enhance defensive strategies and automate detection processes.

What kind of projects or tasks does a Detection Engineer typically work on?

As a Detection Engineer, you can expect to work on designing, implementing, and refining security detection strategies to identify potential threats and vulnerabilities in company systems. Daily responsibilities often include developing detection logic, analyzing security alerts, conducting threat hunting exercises, and collaborating with incident response teams. You may also work closely with other cybersecurity professionals to evaluate the effectiveness of existing security measures and recommend improvements. This dynamic environment offers opportunities to work on complex technical challenges while directly contributing to the organization’s overall security posture.

What are the key skills and qualifications needed to thrive in the Detection Engineer position, and why are they important?

To thrive as a Detection Engineer, you need strong analytical skills, a solid understanding of cybersecurity principles, and experience with threat detection and response, often supported by a degree in computer science or a related field. Proficiency with security information and event management (SIEM) tools, intrusion detection/prevention systems, and certifications like GIAC or CISSP are commonly required. Attention to detail, proactive problem-solving abilities, and effective communication enhance effectiveness in this role. These skills are crucial as Detection Engineers must accurately identify security threats, collaborate with teams, and minimize potential risks to the organization.

What are the most commonly searched types of Detection Engineer jobs in Oregon? The most popular types of Detection Engineer jobs in Oregon are:
What cities in Oregon are hiring for Detection Engineer jobs? Cities in Oregon with the most Detection Engineer job openings:
Infographic showing various Detection Engineer job openings in Oregon as of July 2026, with employment types broken down into 91% Full Time, 6% Part Time, 2% Contract, and 1% Nights. Highlights an 91% Physical, 2% Hybrid, and 7% Remote job distribution.
SOC Tier 3 Analyst

SOC Tier 3 Analyst

ECS

Portland, OR • On-site

$88K - $104K/yr

Full-time

Re-posted 27 days ago


Job description

Everforth ECS is seeking a SOC Tier 3 Analyst to work in our Portland, OR office. Note: This position is contingent upon contract award.
The SOC Analyst 3 supports the organization's security operations by leading complex incident analysis, validating advanced investigative findings, coordinating technical response actions, improving detection effectiveness, and mentoring lower-tier analysts. This role is the senior technical analysis and escalation tier within the SOC Analyst role family.
The ideal candidate has advanced SOC, incident response, and detection-analysis experience; understands adversary tradecraft and enterprise security architecture; and can coordinate complex technical investigations while partnering with SOC leadership, threat hunting, threat intelligence, forensics, Splunk engineering, security engineering, and program stakeholders.
This role involves shift work schedule to support our 24/7 operation, including weekends and holidays. Candidates must be flexible in their availability. While we make every effort to accommodate individual preferences, it's essential to understand that specific shift requests are not guaranteed and are assigned based on operational needs.
Key Responsibilities
Advanced Incident Analysis & Escalation Leadership
  • Lead analysis of complex, high-impact, multi-stage, or ambiguous security incidents across enterprise systems, cloud environments, identity platforms, endpoints, networks, and applications.
  • Validate incident severity, scope, attack path, affected assets, affected accounts, likely root cause, and potential operational or business impact.
  • Review and resolve escalated findings from SOC Analyst 1 and SOC Analyst 2, including disputed severity, inconclusive evidence, or multi-source correlation challenges.
  • Provide technical facts, risk context, and recommended response priorities to SOC leadership for major incident handling and stakeholder communication.

Technical Response Coordination
  • Coordinate complex containment, eradication, and recovery support with Security Engineer, Senior Engineer, system owners, incident responders, and other technical teams.
  • Define evidence collection requirements and coordinate handoff to Forensics Lead or Forensics Mid when formal acquisition, preservation, chain of custody, or deep forensic analysis is required.
  • Guide investigation strategy, timeline development, technical response sequencing, and escalation decisions for complex incidents.
  • Maintain alignment with approved incident response plans, playbooks, evidence-handling expectations, and leadership direction.

Detection Effectiveness & Analytic Improvement
  • Analyze adversary behaviors, attack patterns, vulnerabilities, threat intelligence, control gaps, and recurring incident trends to improve detection and response effectiveness.
  • Define analytic requirements and validate correlation rules, alert logic, dashboards, use cases, and response playbooks for operational effectiveness.
  • Map complex observed behaviors to MITRE ATT&CK and other applicable threat models to support analytic improvement and stakeholder reporting.
  • Coordinate with SOC Threat Hunter to convert hunt findings into operational detections and with Senior Splunk Engineer or Splunk Architect/Lead for technical implementation.

Reporting, Briefings & Knowledge Transfer
  • Prepare or review complex incident summaries, technical timelines, investigation narratives, after-action inputs, and lessons-learned content.
  • Communicate complex technical findings in clear operational, business, and risk language for SOC leadership, program stakeholders, and technical teams.
  • Provide technical input to SOC Technical Writer for SOPs, playbooks, knowledge articles, and formal documentation products.
  • Mentor SOC Analyst 1 and SOC Analyst 2 personnel through escalation review, coaching, analytic guidance, and quality feedback.

Governance, Quality & Continuous Improvement
  • Lead or support detection reviews, tabletop exercises, incident retrospectives, process assessments, and quality improvement activities.
  • Identify recurring gaps in telemetry, tools, controls, workflows, documentation, or analyst training and coordinate corrective action requirements with the appropriate owner.
  • Stay current with evolving cyber threats, vulnerabilities, adversary tradecraft, detection techniques, and security operations best practices.
  • Translate lessons learned and threat developments into improved detections, procedures, escalation criteria, and analyst enablement materials.

  • U.S. Citizenship with ability to obtain and maintain a DOE "L" clearance after start.
  • 5+ years of experience in SOC operations, incident response, detection engineering support, threat analysis, or advanced cybersecurity operations.
  • Advanced experience using SIEM, EDR, log analysis, case management, and cross-tool correlation to investigate complex security incidents.
  • Strong understanding of adversary tradecraft, MITRE ATT&CK, incident response lifecycle activities, evidence handling, detection logic, and enterprise security architecture.
  • Experience leading complex investigations, validating technical findings, defining response priorities, and coordinating technical response across multiple teams.
  • Experience developing or validating detection requirements, alert logic, analytic coverage, investigation workflows, or response playbooks.
  • Strong written and verbal communication skills, including the ability to brief technical findings and mentor lower-tier analysts.