Overview: The Cyber Defense Detection Engineer is a highly skilled role responsible for designing, implementing, and optimizing advanced detection capabilities across our security platforms. The ideal candidate will possess deep expertise in building detection logic, improving log ingestion pipelines, tuning rules to reduce noise, and ensuring high-fidelity security alerts. This role requires a balance of technical depth, analytical rigor, and strong documentation skills to help maintain a resilient detection and response ecosystem. Specific experience and expertise with CrowdStrike is a strong plus.
Scope/Key Responsibilities
- Detection Engineering
  - Develop and maintain high-quality detection rules across SIEM, EDR, and NDR platforms.
  - Continuously tune and refine detection logic to minimize false positives while ensuring coverage of critical threats.
- Log Management & Ingestion
  - Review and optimize log ingestion pipelines for efficiency and completeness.
  - Ensure parsing, normalization, and enrichment meet detection and reporting needs.
- Automation & SOAR
  - Implement automated response playbooks to reduce noise and streamline analyst workflows.
  - Integrate enrichment and threat intelligence sources to improve actionable alerting.
- Infrastructure & Architecture
  - Document and suggest improvements for SIEM and SOAR environments with precision and scalability in mind.
  - Ensure proper logging standards, data flows, and integrations are maintained and continuously improved.
- Metrics & Continuous Improvement
  - Define and track detection efficacy metrics (coverage, fidelity, alert-to-case ratio).
  - Lead post-incident detection reviews to close gaps and improve detection maturity.
  - Report to leadership on status, roadblocks, and suggested methods to improve efficiency.
  - Ensure compliance with IPO-grade regulatory requirements (e.g., SEC, FedRAMP, J-SOX).
- Collaboration & Knowledge Sharing
  - Work closely with SOC analysts, threat hunters, and incident responders to validate detections.
  - Create and maintain documentation, runbooks, and architectural diagrams with extreme attention to detail.
What We're Looking for:
- Bachelor's degree in Computer Science, Information Security, or a related field. Professional work experience will be considered in lieu of a degree.
- 5+ years of experience in information security, cybersecurity, or related field.
- Expertise in developing and maintaining detection rules and optimizing log ingestion pipelines.
- Strong skills in automation and integration of threat intelligence to enhance actionable alerting.
- Excellent skills in collaboration and communication for validation of detection strategies with SOC teams.
- Experience with SIEM, EDR, and NDR platforms, with CrowdStrike expertise highly preferred.
- Strong understanding of security frameworks and compliance requirements (e.g., SEC, FedRAMP, J-SOX).
Our Values
If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success – and the success of our customers. Does your heart beat like ours? Find out here: Core Values
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
About Us
Who are we?
We are a proven, passionate bunch of disruptors. Our work is all about tapping into your potential so we can deliver the best solutions and customer experiences on the planet. Collaboration, respect, and a great work-life balance earned us the title of "Best Place to Work - Employees' Choice" by Glassdoor. Our people are smart, creative rock stars with over 400 patents and 10,000 people-years of domain expertise.
What do we do?
Blue Yonder is the world leader in digital supply chain and omni-channel commerce fulfillment. Our intelligent, end-to-end platform enables retailers, manufacturers and logistics providers to seamlessly predict, pivot and fulfill customer demand. With Blue Yonder, you can make more automated, profitable business decisions that deliver greater growth and re-imagined customer experiences. Blue Yonder - Fulfill your Potential.™ blueyonder.com
“Blue Yonder” is a trademark or registered trademark of Blue Yonder, Inc. Any trade, product or service name referenced in this document using the name “Blue Yonder” is a trademark and/or property of Blue Yonder, Inc.
Blue Yonder, Inc.
15059 N Scottsdale Rd, Ste 400
Scottsdale, AZ 85254
© 2025 Workday, Inc. All rights reserved.