Security Content Engineer

Job Summary

A company is looking for a Security Content Engineer to join their Threat Fusion Cell remotely.

Key Responsibilities:

• Own and enhance detection content by developing, testing, and maintaining detection logic in KQL for Microsoft Sentinel
• Conduct advanced tuning and optimization to improve SOC efficiency and reduce alert fatigue
• Lead threat-informed research to design proactive detection strategies based on emerging threats

Required Qualifications & Experience:

• 5-8 years of experience in Detection Engineering, Security Operations, or a similar role focused on content creation
• Hands-on expertise with the Microsoft security stack, including Microsoft Sentinel and Microsoft 365 Defender
• High proficiency in Kusto Query Language (KQL) for writing complex detection queries
• Experience automating security workflows using SOAR platforms or scripting languages like Python or PowerShell
• In-depth knowledge of attacker TTPs and the MITRE ATT&CK framework