THREAT DETECTION ENGINEER

Threat Detection Engineer Remote – USA

Role Overview We are seeking a Senior Cybersecurity Engineer with deep expertise in modern, cloud-first enterprise security environments and exceptional interpersonal skills. This role requires a technically strong security engineer who can also communicate clearly, professionally, and confidently with stakeholders at all levels, delivering a customer-service mindset to everything they do.

The ideal candidate has a Bachelor’s Degree, 7+ years of enterprise cybersecurity experience, extensive hands-on knowledge of the Microsoft security ecosystem, and a strong understanding of cybersecurity across all domains, operating in complex, fast-paced environments.

Key Responsibilities:

Security Engineering & Operations

• Design, implement, and continuously improve security controls across cloud and SaaS environments.
• Act as a senior technical escalation point for security incidents, investigations, and complex security issues.
• Partner with SOC and incident response providers to ensure effective detection, response, and remediation.
• Lead root-cause analysis and drive continuous improvement following security events.
• Deliver security solutions with a customer-first mindset, ensuring stakeholders feel supported, informed, and confident.

Microsoft Security Stack

• Architect, deploy, and operate security solutions across the Microsoft 365 ecosystem, including:
• Entra ID (Azure AD), Conditional Access, Identity Protection
• Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365
• Build, tune, and optimize Microsoft Sentinel SIEM, including:
• Data connectors and ingestion
• Analytics rules, KQL queries, workbooks, and automation
• Threat hunting and detection engineering

Endpoint, Network & Cloud Security

• Administer and optimize CrowdStrike Falcon for endpoint protection, EDR, and threat hunting.
• Implement and manage Zscaler (ZIA/ZPA) to support Zero Trust access and secure connectivity.
• Demonstrate a strong understanding of enterprise networking concepts and topology, including:
• Cloud networking
• Secure access architectures
• Traffic inspection and segmentation
• Ensure security best practices are embedded across all cloud and SaaS platforms.

Governance, Risk & Best Practices Apply and enforce security best practices across all cybersecurity domains, including:

• Identity & Access Management
• Cloud & SaaS Security
• Endpoint Security
• Network Security
• Data Protection
• Security Monitoring & Incident Response
• Vulnerability & Risk Management
• Support audits, risk assessments, and compliance initiatives.
• Contribute to security policies, standards, procedures, and technical documentation.

Communication & Stakeholder Engagement

• Communicate security risks, incidents, and recommendations clearly, professionally, and confidently to technical and non-technical stakeholders.
• Deliver exceptional customer service to internal teams, leadership, and partners.
• Build trusted relationships across IT, cloud, and business teams.
• Mentor junior team members and raise the overall security maturity of the organization.

Required Qualifications

• Bachelor’s Degree and 7+ years of enterprise cybersecurity experience

• Strong hands-on expertise in:

◦ Microsoft 365 security stack ◦ Microsoft Sentinel SIEM ◦ CrowdStrike Falcon ◦ Zscaler (ZIA/ZPA)

• Solid understanding of enterprise networking topology and cloud networking concepts
• Experience working with MSSPs, SOCs, and incident response retainers
• Threat hunting and detection engineering experience
• Broad, practical knowledge across all major cybersecurity domains
• Proven experience in incident response and security investigations
• Exceptional written and verbal communication skills
• Outstanding customer service mindset, with the ability to engage professionally under pressure

Certifications

• CISSP (preferred) or actively studying for CISSP
• Microsoft Security certifications, a plus
• CCSP, Azure Security Engineer, GIAC, or equivalent, a plus

Nice to Have

• Automation or scripting skills (KQL, PowerShell, Python)
• Experience operating in high-growth, high-expectation enterprise environments

Pellera provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.