1

Threat Detection Engineer Jobs (NOW HIRING)

Senior Threat Detection Engineer

Chicago, IL · On-site

$107K - $147K/yr

The Senior Threat Detection Engineer at Jones Lang LaSalle (JLL) leads the engineering, creation, and tuning of advanced detection capabilities. This role bridges threat hunting, data engineering ...

Senior Threat Detection Engineer

Austin, TX · On-site

$103K - $142K/yr

The Senior Threat Detection Engineer at Jones Lang LaSalle (JLL) leads the engineering, creation, and tuning of advanced detection capabilities. This role bridges threat hunting, data engineering ...

Senior Threat Detection Engineer

New York, NY · On-site

$114K - $157K/yr

The Senior Threat Detection Engineer at Jones Lang LaSalle (JLL) leads the engineering, creation, and tuning of advanced detection capabilities. This role bridges threat hunting, data engineering ...

Senior Threat Detection Engineer

San Francisco, CA · On-site

$123K - $169K/yr

The Senior Threat Detection Engineer at Jones Lang LaSalle (JLL) leads the engineering, creation, and tuning of advanced detection capabilities. This role bridges threat hunting, data engineering ...

Tenex is seeking a highly motivated and skilled Threat Detection Engineer to join our growing Security Operations team. In this critical role, you will be responsible for proactively identifying and ...

Senior Threat Detection Engineer

Bellevue, WA · On-site

$128K - $176K/yr

As a Senior Threat Detection Engineer, you will take ownership of technical areas, leading initiatives to enhance threat detection and collaborate across teams to ensure security for Salesforce ...

Lead Threat Detection Engineer

Irving, TX · On-site +1

$139K - $231K/yr

McKesson's Lead Threat Detection Engineer will be a member of our global cyber threat intelligence, incident response, analytics, and engineering team responsible for advancing our detection ...

Lead Threat Detection Engineer

Irving, TX · On-site +1

$139K - $231K/yr

McKesson's Lead Threat Detection Engineer will be a member of our global cyber threat intelligence, incident response, analytics, and engineering team responsible for advancing our detection ...

We are looking for a savvy, high-performing Threat Detection Engineer who will be responsible for the day-to-day management of company-wide information security toolsets and the protection of ...

We are looking for a savvy, high-performing Threat Detection Engineer who will be responsible for the day-to-day management of company-wide information security toolsets and the protection of ...

next page

Showing results 1-20

Threat Detection Engineer information

What are the key skills and qualifications needed to thrive in the Threat Detection Engineer position, and why are they important?

To thrive as a Threat Detection Engineer, you need a solid understanding of network security, cybersecurity frameworks, threat analysis, and incident response, often backed by a degree in computer science or a related field. Hands-on experience with SIEM tools (such as Splunk or QRadar), intrusion detection/prevention systems, malware analysis platforms, and certifications like CISSP or GIAC are highly valued. Strong analytical thinking, effective communication skills, and a proactive mindset make someone stand out in this role. These skills are crucial for accurately identifying and responding to cyber threats in a timely manner while collaborating with security teams.

What does a typical workday look like for a Threat Detection Engineer?

A typical day for a Threat Detection Engineer involves monitoring security alerts, analyzing network and endpoint data, performing threat hunting activities, and triaging incidents for further investigation. You’ll regularly collaborate with other cybersecurity team members to develop detection rules, improve automated response processes, and stay up-to-date with emerging threat trends. Expect to participate in incident response drills and contribute to documentation and knowledge sharing within your organization. The environment is often fast-paced and requires a mix of independent analysis and teamwork to protect critical assets effectively.

What does a Threat Detection Engineer do?

A Threat Detection Engineer is responsible for identifying, analyzing, and mitigating potential security threats within an organization’s systems and networks. They develop and implement detection strategies, create alerts for suspicious activities, and fine-tune security tools to improve threat visibility. Additionally, they collaborate with security teams to investigate incidents and enhance overall cybersecurity defenses. Their goal is to ensure early detection and response to cyber threats, minimizing potential damage.

More about Threat Detection Engineer jobs
What cities are hiring for Threat Detection Engineer jobs? Cities with the most Threat Detection Engineer job openings:
What are the most commonly searched types of Threat Detection Engineer jobs? The most popular types of Threat Detection Engineer jobs are:
What states have the most Threat Detection Engineer jobs? States with the most job openings for Threat Detection Engineer jobs include:
Infographic showing various Threat Detection Engineer job openings in the United States as of July 2026, with employment types broken down into 93% Full Time, 5% Part Time, and 2% Contract. Highlights an 91% Physical, 2% Hybrid, and 7% Remote job distribution.

AI Threat Detection Engineer

Interon IT Solutions LLC

Malvern, PA • On-site

Other

Posted 12 days ago


Job description

Job Title: Senior AI Threat Detection Engineer
Location: Malvern, PA Primary | Plano, TX Secondary Option
Position W2

Job Description

We are seeking a Senior AI Threat Detection Engineer to support Security Operations Center modernization initiatives. The ideal candidate will have strong experience in SOC operations, detection engineering, cloud security, automation, and hands-on programming. This role will focus on developing AI-driven security capabilities, improving threat detection, automating SOC workflows, and building secure, scalable solutions using modern engineering practices.

The consultant will work closely with security engineering, SOC, platform, and cross-functional teams to design and implement AI-enabled solutions that improve incident response, reduce manual effort, and strengthen overall security operations.

Key Responsibilities

  • Lead response efforts for escalated cybersecurity alerts, incidents, and security investigations.

  • Analyze complex attack patterns in real time and recommend effective mitigation strategies.

  • Develop, maintain, and enhance detection logic, alerts, rules, policies, and signatures across security platforms.

  • Support monitoring and detection of cyber threats, vulnerabilities, risks, and threat actor tactics, techniques, and procedures.

  • Build and enhance AI agents to streamline SOC operations and improve analyst efficiency.

  • Design and optimize prompts, workflows, and use cases for LLM-based security solutions.

  • Build APIs, integrations, and automation workflows to support AI-driven threat detection capabilities.

  • Develop clean, maintainable, production-ready code following engineering best practices.

  • Implement safeguards, controls, and responsible AI practices for secure AI usage within security operations.

  • Evaluate emerging AI, GenAI, and automation technologies and recommend improvements for SOC modernization.

  • Collaborate with SOC, security engineering, cloud, platform, and application teams to deliver scalable AI-enabled solutions.

  • Support deployment and continuous improvement of AI agents across SOC use cases.

  • Mentor junior team members and help improve overall technical capability within the team.

  • Participate in special security projects and support additional responsibilities as needed.

Required Qualifications

  • 4+ years of hands-on programming or scripting experience using Python, Java, Shell, or similar languages.

  • 5+ years of experience working with cloud platforms such as AWS or Microsoft Azure.

  • 4+ years of experience building or supporting automation solutions such as SOAR, GitHub workflows, CI/CD automation, or similar platforms.

  • 4+ years of experience working with security technologies or supporting SOC/security operations.

  • 5+ years of exposure to SIEM platforms, detection engineering, or security monitoring concepts.

  • Strong understanding of security telemetry, including logs, alerts, endpoint data, network data, and cloud security data.

  • Experience supporting incident response, threat detection, alert tuning, and security investigation workflows.

  • Exposure to AI, GenAI, LLM-based solutions, or AI agent development.

  • Strong API integration, automation, and workflow development experience.

  • Ability to work with cross-functional teams and communicate technical findings clearly.

Preferred Skills

  • Hands-on experience developing AI or GenAI solutions for cybersecurity use cases.

  • Experience with prompt engineering, AI agents, and LLM-based workflow automation.

  • Experience with SOAR platforms and security orchestration.

  • Knowledge of MITRE ATT&CK, threat actor TTPs, and modern detection engineering practices.

  • Experience with cloud security monitoring, security data pipelines, and scalable automation frameworks.

  • Strong understanding of responsible AI, security controls, and risk mitigation for AI-based systems.

Ideal Candidate

The ideal candidate is a senior-level security engineer with strong programming, cloud, automation, and SOC experience. They should be comfortable building AI-driven security solutions, working with security telemetry, improving detection workflows, and collaborating with engineering teams to deliver production-ready capabilities.