Senior Threat Detection Engineer

The Senior Threat Detection Engineer at Jones Lang LaSalle (JLL) leads the engineering, creation, and tuning of advanced detection capabilities. This role bridges threat hunting, data engineering, and automation to protect enterprise and cloud-native environments from sophisticated threat actors.

Key Responsibilities

• Detection Engineering: Design, implement, and tune high-fidelity detection rules across SIEM, EDR/XDR, and cloud-native SaaS platforms.
• Data Pipeline Management: Work with centralized logging, data lakes, and detection telemetry.
• Threat Modeling & Hunting: Proactively analyze attacker tactics, techniques, and procedures (TTPs) and execute hypothesis-driven threat hunting campaigns.
• Automation & AI Integration: Implement security automations using SOAR platforms and explore AI/ML and Large Language Models (LLMs) to enhance incident response and automated response actions.
• Collaboration: Partner closely with SOC, Red Team, and Threat Intel to validate signal quality, reduce false positives, and improve MITRE ATT&CK coverage.
• Mentorship: Provide technical guidance and mentorship to junior and mid-level security engineers.
  
  

Typical Requirements & Qualifications

• Experience: 4–8 years in cybersecurity, with a heavy emphasis on threat detection, incident response, or SOC operations.
• Education: Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related quantitative field.
• Demonstrative experience in developing automation solutions for Cyber Security
• 5 years Information Technology experience
• 4 years of Cyber Security Experience
• 2 years of any SOAR tool experience (Splunk SOAR, Sentinel, Swimlane, etc
• Experience in utilizing CI/CD tools (such as GitHub Actions) to automate build, test, and deployment processes, ensuring smooth and efficient software delivery
• Familiarity with infrastructure-as-code (IaC) tools (e.g., Terraform, CloudFormation) to automate infrastructure provisioning and ensure consistent environments throughout the development lifecycle
• Strong verbal communications skills and concise written communication skills
• Strong organizational and multi-tasking and time management skills
• Prefers to work in agile team environment
  
  

Technical Skills:

The Senior Threat Detection Engineer at Jones Lang LaSalle (JLL) leads the engineering, creation, and tuning of advanced detection capabilities. This role bridges threat hunting, data engineering, and automation to protect enterprise and cloud-native environments from sophisticated threat actors.

Typical Requirements & Qualifications

• Experience: 4–8 years in cybersecurity, with a heavy emphasis on threat detection, incident response, or SOC operations.
• Education: Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related quantitative field.
• Demonstrative experience in developing automation solutions for Cyber Security
• Experience in utilizing CI/CD tools (such as GitHub Actions) to automate build, test, and deployment processes, ensuring smooth and efficient software delivery
• Familiarity with infrastructure-as-code (IaC) tools (e.g., Terraform, CloudFormation) to automate infrastructure provisioning and ensure consistent environments throughout the development lifecycle
• Strong verbal communications skills and concise written communication skills
• Strong organizational and multi-tasking and time management skills
• Prefers to work in agile team environment
  
  

Technical Skills:

• Advanced proficiency in detection querying languages (e.g., KQL, SPL, SQL).
• Scripting and automation capabilities in languages like Python or Go.
• Strong working knowledge of cloud infrastructures (AWS, Azure) and container environments.
  
  

Certifications: Highly desirable to hold industry-recognized certifications like GIAC, CISSP, or equivalent.

Certifications: Highly desirable to hold industry-recognized certifications like GIAC, CISSP, or equivalent.