← Back to jobs
Accenturefederalservices
Accenturefederalservices

Detection Engineer

otherfull-timeArlington, VA
SALARY
Not listed
WORK TYPE
remote
JOB TYPE
full-time
INDUSTRY
general
Apply for this position
✦ AutoApply Let us apply to roles like this on your behalf.
Learn more

About the role

Job Description

The Detection Engineer will work on the Cyber Incident Response Team (CIRT) within the Information Security organization.

Responsibilities

  • Design, engineer, and implement security detection initiatives under the cybersecurity team lead.
  • Develop new detection logic for SIEM (Microsoft Sentinel) and network security platforms (Cisco FirePower, IDS/IPS), incorporating AI-driven tooling where applicable.
  • Write and optimize KQL queries for Sentinel to improve detection fidelity and reduce false positives.
  • Tune detection sets to raise security-relevant events for triage and response teams.
  • Maintain version control of detection logic using Git and GitHub workflows for collaborative development and auditability.
  • Bridge the gap between network engineering and cybersecurity teams to advocate for secure network designs and maximize security device capabilities.
  • Conduct technical briefings to enhance team awareness of network architecture and detection strategies.
  • Collaborate with operations and management to recommend improvements to security posture and ensure compliance with industry and federal standards (e.g., NIST, CISA).

What You Need

  • U.S. Citizenship required
  • Bachelor’s degree in Cybersecurity, Computer Science, or related field (or equivalent experience)
  • 6+ years experience in information security or equivalent combination of education and work experience
  • 2+ years experience performing event and log analysis across enterprise security tools (AV, IDS/IPS, Firewalls, Active Directory, Web Proxies, DLP, SIEM)
  • Hands-on experience with: Microsoft Sentinel & KQL (minimum 1 year), Cisco FirePower and IDS/IPS configuration (minimum 1 year), SIEM platforms (Sentinel preferred), detection engineering: designing and tuning signatures for IoCs and IoAs, packet and malware analysis using tools like Wireshark, Git and GitHub for detection code version control and collaborative workflows, scripting and parsing (regex, PowerShell, Python, grep, sed, awk), TCP/IP, application layer protocols, and Windows/Linux internals, MITRE ATT&CK framework for detection mapping

Bonus If You Have

  • Threat hunting and automation experience
  • Familiarity with cloud security monitoring (Azure, AWS)
  • Certifications such as GIAC GCIA, GCED, or Microsoft Security Operations Analyst Associate
✦ Let us apply for you
We find roles like this and apply on your behalf. Cover letter written for each one. Plans from $14.99/mo. Cancel anytime.
Join waitlist
Apply now
Detection Engineer at Accenturefederalservices — Remote