{"id":786,"date":"2025-12-10T14:26:23","date_gmt":"2025-12-10T14:26:23","guid":{"rendered":"https:\/\/skillbasedmatching.com\/jobs\/?post_type=jobpost&#038;p=786"},"modified":"2025-12-10T14:26:25","modified_gmt":"2025-12-10T14:26:25","slug":"threat-detection-engineer-ai-native-mdr-and-google-security-operations","status":"publish","type":"jobpost","link":"https:\/\/skillbasedmatching.com\/jobs\/current-jobs\/threat-detection-engineer-ai-native-mdr-and-google-security-operations\/","title":{"rendered":"Threat Detection Engineer \u2013 AI-Native MDR and Google Security Operations"},"content":{"rendered":"\n<p>This is a full-time, <strong>remote (USA)<\/strong> <strong>Threat Detection Engineer<\/strong> role in the Security Operations Department at TENEX.AI, an AI-native Managed Detection and Response (MDR) provider. The role is responsible for <strong>proactively identifying and mitigating security threats<\/strong> by developing, implementing, and maintaining <strong>advanced detection rules (YARA-L)<\/strong> within <strong>Google Security Operations (SecOps)<\/strong>.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Location:<\/strong> Remote, USA (extreme preference, with relocation packages offered, for Sarasota, FL, or Overland Park, KS; fully remote status is reserved for \u201c10x of 10x\u201d talent).<\/li>\n\n\n\n<li><strong>Experience:<\/strong> <strong>Minimum of 5 years of experience<\/strong> in a security operations role with a strong focus on threat detection and analysis.<\/li>\n\n\n\n<li><strong>Education:<\/strong> Bachelor\u2019s degree in a related field (or equivalent practical experience).<\/li>\n\n\n\n<li><strong>Key Focus:<\/strong> YARA-L rule development, Google SecOps, log analysis across cloud\/EDR\/network sources, TTP analysis, and detection automation.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Responsibilities: Rule Development, Analysis, and Automation<\/h2>\n\n\n\n<p>The 
engineer is the primary expert in threat detection logic, ensuring the security platform is highly tuned and effective against emerging threats.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Detection Engineering:<\/strong> Design, develop, implement, and maintain custom detection rules, correlation searches, and alerts within <strong>Google Security Operations (SecOps)<\/strong> to identify malicious activity, security incidents, and policy violations.<\/li>\n\n\n\n<li><strong>YARA-L Expertise:<\/strong> Use expertise in the SecOps detection engine and <strong>YARA-L syntax<\/strong> to create efficient and effective detection logic.<\/li>\n\n\n\n<li><strong>Log Analysis:<\/strong> Analyze <strong>large datasets of security logs<\/strong> and events from various sources (cloud platforms, EDR, network devices, applications) to identify patterns and anomalies indicative of threats.<\/li>\n\n\n\n<li><strong>Proactive Strategy:<\/strong> Stay up to date with the latest <strong>threat intelligence<\/strong>, attack techniques, and <strong>TTPs<\/strong> to proactively develop new detection strategies.<\/li>\n\n\n\n<li><strong>Automation:<\/strong> <strong>Automate detection creation, threat intelligence gathering, and rule deployment.<\/strong><\/li>\n\n\n\n<li><strong>Collaboration &amp; Documentation:<\/strong> Collaborate closely with Security Analysts to tune detection logic. 
Contribute to the development and maintenance of security documentation, playbooks, and response strategies.<\/li>\n\n\n\n<li><strong>Mentorship:<\/strong> Provide mentorship, training, and guidance to junior team members.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Required Qualifications and Technical Environment<\/h2>\n\n\n\n<p>The position requires deep, proven experience with specific security tools, scripting, and modern threat concepts.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Core Experience (5+ years):<\/strong> Minimum of 5 years in security operations, with a strong focus on threat detection and analysis.<\/li>\n\n\n\n<li><strong>Platform Expertise (Essential):<\/strong> <strong>Proven experience developing and implementing YARA-L rules within Google Security Operations (SecOps) is essential.<\/strong><\/li>\n\n\n\n<li><strong>Threat Knowledge:<\/strong> Deep understanding of security principles, common attack vectors, and <strong>threat actor tactics, techniques, and procedures (TTPs)<\/strong>. 
Experience with <strong>threat intelligence<\/strong> and its integration into detection strategies.<\/li>\n\n\n\n<li><strong>Scripting:<\/strong> Proficiency in scripting languages such as <strong>Python<\/strong> or similar for automation and analysis.<\/li>\n\n\n\n<li><strong>Diverse Tool Experience (including but not limited to):<\/strong> Cloud security platforms (GCP, AWS, Azure), <strong>Endpoint Detection and Response (EDR)<\/strong> solutions, SIEM systems, network security devices, and IAM systems.<\/li>\n\n\n\n<li><strong>Preferred Qualifications:<\/strong>\n<ul class=\"wp-block-list\">\n<li>Relevant security certifications (<strong>Security+, CySA+, GCIH, GCIA<\/strong>, or similar).<\/li>\n\n\n\n<li>Familiarity with the <strong>MITRE ATT&amp;CK framework<\/strong>.<\/li>\n\n\n\n<li>Experience with <strong>SOAR<\/strong> (Security Orchestration, Automation and Response) platforms.<\/li>\n\n\n\n<li>Knowledge of <strong>data science and machine learning<\/strong> concepts as applied to security analytics.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>This is a full-time, remote (USA) Threat Detection Engineer role in the Security Operations Department at TENEX.AI, an AI-native Managed Detection and Response (MDR) provider. The role is responsible for proactively identifying and mitigating security threats by developing, implementing, and maintaining advanced detection rules (YARA-L) within Google Security Operations (SecOps). 
Responsibilities: Rule Development, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"menu_order":0,"template":"","jobpost_category":[42,648,44],"jobpost_job_type":[39],"jobpost_location":[1041],"jobpost_tag":[397,1340,3235,3623,3624,1938,24,81,1250,3625,3622,3207,3621],"class_list":["post-786","jobpost","type-jobpost","status-publish","hentry","jobpost_category-ai-artificial-intelligence","jobpost_category-information-technology","jobpost_category-security","jobpost_job_type-remote","jobpost_location-united-states","jobpost_tag-automation","jobpost_tag-cloud-security","jobpost_tag-edr","jobpost_tag-google-secops","jobpost_tag-mdr","jobpost_tag-mitre-attck","jobpost_tag-python","jobpost_tag-remote","jobpost_tag-siem","jobpost_tag-threat-detection-engineer","jobpost_tag-threat-intelligence","jobpost_tag-ttps","jobpost_tag-yara-l"],"_links":{"self":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost\/786","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost"}],"about":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/types\/jobpost"}],"author":[{"embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/users\/1"}],"wp:attachment":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/media?parent=786"}],"wp:term":[{"taxonomy":"jobpost_category","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_category?post=786"},{"taxonomy":"jobpost_job_type","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_job_type?post=786"},{"taxonomy":"jobpost_location","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_location?post=786"},{"taxonomy":"jobpost_tag","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_tag?post=786"}],"curies":[{"name":"wp","href":"https:\
/\/api.w.org\/{rel}","templated":true}]}}