Detection Engineer

Job Summary

Working remotely in a full-time capacity, the Detection Engineer will analyze malware and adversary behavior, develop emulations, and create detection logic to enhance visibility and response across enterprise environments.

Key responsibilities

• Perform static and dynamic malware analysis to build attack chains and support emulation development
• Write emulations in languages such as C++, PowerShell, and C# to replicate malware behavior identified during analysis
• Produce high-quality technical reports summarizing findings and identifying telemetry gaps to improve detection coverage

Required qualifications

• Strong understanding of Splunk Search Processing Language (SPL)
• Proficiency in coding languages including C++, C#, Python, and Perl
• Proficiency in scripting languages such as PowerShell, JavaScript, and VBScript
• Strong understanding of networking fundamentals
• Strong understanding of Windows and Linux internals