binalyze - Detection Engineer

• Education: Bachelor’s degree in Computer Science, Cybersecurity, or related field; or equivalent professional experience. • Strong background in cybersecurity investigations, detection engineering, threat hunting, or security operations • Hands-on experience developing, validating, and tuning detections in live or production environments • Practical experience with detection and analysis technologies such as YARA, Sigma, SQL, and Python • Familiarity with reverse engineering, malware analysis, or deep artifact analysis to support detection development • Deep understanding of attacker techniques, tradecraft, and investigative workflows across endpoint, network, and cloud environments • Ability to translate technical findings into clear, actionable feedback for Product and Engineering teams • Preferred/Desirable: • DFIR, SOC, or threat detection background in enterprise environments • Experience contributing detections to security platforms or products • Familiarity with endpoint, log, or telemetry-based detection systems • Experience working in fast-moving, customer-facing security roles • Detection engineering: You design detections grounded in investigator workflows and attacker tradecraft — not abstract theory — and refine them continuously based on real customer outcomes. • Communication: You translate complex technical findings into clear, actionable feedback for Product and Engineering teams. • Relationship building: You partner with customers, Solutions Architecture, and Field CIROs without losing technical rigor or investigative depth. • Data-driven: You ground detection decisions in real telemetry, attacker behavior, and investigative outcomes — not theory. • Project management: You manage multiple concurrent detection workstreams across live engagements and product integration without dropping signal. • AI & Automation Fluency: Advanced. You design and build AI-powered automation systems across functions with a focus on business impact. You are expected to operate at Game Changer level on the Binalyze AI Fluency Matrix. • Adaptability: You work comfortably with ambiguity and shifting attacker landscapes. You make calls with incomplete information and adjust as evidence emerges. • Initiative: You identify detection gaps and investigative friction points without being asked. You don't wait for a brief. • Collaborative: You work across CERT, Product, and Engineering as equal partners, sharing credit and surfacing tradeoffs honestly. • Growth mindset: You treat every customer investigation as a chance to sharpen your detection craft and your understanding of attacker behavior. • Remote working: You are effective at working asynchronously across time zones. You communicate proactively in writing (Slack, Confluence) and don't rely on being in the same room.