Detection Engineer, Google SecOps | Remote, USA

undefined ago • 1-3 Years • Software Development & Engineering

Job Summary

Job Description

Optiv is seeking a highly motivated Detection Engineer to develop, deploy, and refine detection logic for diverse clients. This role involves mastering the Google SecOps ecosystem, translating threat intelligence into actionable detections, and collaborating with SOC analysts and security engineers. It's a foundational position offering direct mentorship and a clear path to becoming a detection expert, focusing on staying ahead of adversary techniques.
Must have:
  • Develop & Refine Detections
  • Deepen understanding and hands-on experience with Chronicle SIEM
  • Work with rich security telemetry from various sources
  • Learn to operationalize threat intelligence
  • Monitor and tune existing detections
  • Assist in developing and executing targeted queries for threat hunting
  • Gain experience with SOAR tools
  • Collaborate with SOC analysts, Threat Hunters, and Detection Engineers
  • Contribute to documentation of detection logic
  • Continuously research new attacker techniques
  • 1-3 years of hands-on experience in a cybersecurity role
  • Strong understanding of cybersecurity principles
  • Familiarity with networking concepts and operating system internals
  • Basic knowledge of cloud computing concepts, especially GCP
  • Proficiency with query languages used in SIEM platforms
  • Exposure to or strong desire to learn a scripting language
  • Demonstrated analytical & problem-solving ability
  • Excellent communication & collaboration skills
  • Strong desire to learn, adapt, and proactively contribute
  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field, or equivalent experience and certifications
Good to have:
  • Practical experience with Google Chronicle Security Operations
  • Familiarity with YARA-L or strong aptitude to learn it quickly
  • Eagerness to become a specialist in the Google SecOps ecosystem
  • Relevant industry certifications (e.g., CompTIA Security+, CySA+, Google Cybersecurity Certificate, GSEC, GCIH)
  • Experience or strong interest in threat hunting
  • Familiarity with MITRE ATT&CK framework, Sigma, and Detection-as-Code
  • Contributions to open-source security projects or personal security projects
  • Experience working in an MDR or MSSP environment
Perks:
  • Accelerated growth with mentorship from senior experts
  • Opportunities to specialize in cutting-edge platforms
  • Direct impact on securing real businesses from cyber threats
  • Become a go-to expert in Google SecOps
  • Supportive, inclusive, and passionate team culture
  • Diverse challenges with a wide array of client environments
  • Commitment to Diversity, Equality, and Inclusion through Employee Resource Groups
  • Work/life balance
  • Professional training resources
  • Creative problem-solving and unique project opportunities
  • Volunteer Opportunities through "Optiv Chips In"
  • Ability and technology for productive remote work

Job Details

We are looking for a highly motivated Detection Engineer to join our growing team. In this role, you will be instrumental in developing, deploying, and refining the detection logic that protects our diverse client base. You'll gain invaluable experience mastering the Google SecOps ecosystem, translating threat intelligence into actionable detections, and collaborating closely with our SOC analysts and security engineers to stay ahead of the latest adversary techniques. This is a foundational role designed for growth, providing direct mentorship and a clear path to becoming a detection expert.

How you'll make an impact:

  • Develop & Refine Detections: Under the guidance of senior engineers, assist in designing, writing, testing, and deploying high-fidelity detection rules
  • Google SecOps Expertise: Deepen your understanding and hands-on experience with Chronicle SIEM to enhance detection capabilities.
  • Telemetry Analysis: Work with rich security telemetry from various sources (endpoint, network, cloud, identity, application logs) ingested into Chronicle, identifying data points crucial for effective detection.
  • Threat Intelligence Application: Learn to operationalize threat intelligence, converting adversary TTPs and IOCs into concrete detection logic.
  • Tuning & Optimization: Monitor the performance of existing detections, analyze false positives/negatives, and contribute to tuning efforts to improve signal-to-noise ratio for our SOC analysts.
  • Threat Hunting Support: Assist in developing and executing targeted queries within Chronicle to proactively search for emerging threats and previously undetected activities.
  • Tooling & Automation: Gain experience with SOAR tools, supporting the integration of detection workflows and data enrichment processes.
  • Collaboration: Work closely with SOC analysts, Threat Hunters, and fellow Detection Engineers to understand operational needs, incident trends, and areas for detection improvement.
  • Documentation: Contribute to clear and concise documentation of detection logic, use cases, and testing procedures.
  • Stay Current: Continuously research new attacker techniques, security vulnerabilities, and advancements in the Google SecOps suite.

What we're looking for:

  • Experience: 1-3 years of hands-on experience in a cybersecurity role, such as a SOC Analyst, Incident Responder I, Junior Security Engineer, or a similar role focused on threat analysis.
  • Foundational Security Knowledge:
  • Strong understanding of cybersecurity principles, common attack vectors, and defensive strategies.
  • Familiarity with networking concepts (TCP/IP, common protocols) and operating system internals (Windows, Linux, macOS).
  • Basic knowledge of cloud computing concepts, especially GCP.
  • Hands-on Google SecOps (Highly Preferred):
  • Some practical experience with Google Chronicle Security Operations is a significant advantage.
  • Familiarity with YARA-L or a strong aptitude to learn it quickly.
  • Eagerness to become a specialist in the Google SecOps ecosystem.
  • Querying & Scripting Skills:
  • Proficiency with query languages used in SIEM platforms (e.g., familiarity with SPL, KQL, SQL, or similar; will train on YARA-L).
  • Exposure to or strong desire to learn a scripting language for automation and data analysis (Python highly preferred).
  • Analytical & Problem-Solving: Demonstrated ability to analyze security events, identify patterns, and contribute to solutions.
  • Communication & Collaboration: Excellent verbal and written communication skills to effectively collaborate with team members and understand requirements.
  • Proactive & Curious: A strong desire to learn, adapt, and proactively contribute in a fast-paced, evolving threat landscape.
  • Education: Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related technical field, or equivalent practical experience and certifications.
  • Any relevant industry certifications (e.g., CompTIA Security+, CySA+, Google Cybersecurity Certificate, GSEC, GCIH) preferred.
  • Experience or strong interest in threat hunting preferred.
  • Familiarity with MITRE ATT&CK framework, Sigma, and Detection-as-Code preferred.
  • Contributions to open-source security projects or personal security projects preferred.
  • Experience working in an MDR or MSSP environment preferred.

Why join us?

  • Accelerated Growth: This role is designed for rapid learning, providing mentorship from senior experts and opportunities to specialize in cutting-edge platforms.
  • Real-World Impact: Your work directly contributes to securing real businesses from cyber threats every single day.
  • Google SecOps Specialization: Become a go-to expert in one of the most powerful and in-demand cloud security platforms on the market.
  • Collaborative Culture: Join a supportive, inclusive, and passionate team where knowledge sharing and mutual growth are highly valued.
  • Diverse Challenges: Work with a wide array of client environments and threat scenarios, expanding your technical breadth.

What you can expect from Optiv

  • A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
  • Work/life balance
  • Professional training resources
  • Creative problem-solving and the ability to tackle unique, complex projects
  • Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
  • The ability and technology necessary to productively work remotely/from home (where applicable)

EEO Statement

Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity or expression, sexual orientation, pregnancy, age 40 and over, marital status, genetic information, national origin, status as an individual with a disability, military or veteran status, or any other basis protected by federal, state, or local law.

Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities. For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.

Similar Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Similar Skill Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Jobs in United States

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Software Development & Engineering Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

About The Company

We work alongside clients to manage cyber risk and equip them with perspectives and programs to accelerate business progress. Our real-world experience, deep vertical expertise and diverse teams enable us to face any challenge with confidence. We put you at the center of our unmatched ecosystem of people, products, partners and programs to design and implement agile solutions. Our adaptive approach continually assesses risk in the context of cyber and broader objectives to secure today's business and fortify it for the future.

Detroit, Michigan, United States (Remote)

San Francisco, California, United States (Remote)

Brandon, Mississippi, United States (On-Site)

Los Angeles, California, United States (Remote)

Knoxville, Tennessee, United States (On-Site)

Fort Worth, Texas, United States (Remote)

Vancouver, British Columbia, Canada (On-Site)

Minneapolis, Minnesota, United States (Remote)

Bengaluru, Karnataka, India (Hybrid)

View All Jobs

Get notified when new jobs are added by Optiv

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug