Cyber Security Analyst III, Detection Engineer Cloud SME jobs in United States
cer-icon
Apply on Employer Site
company-logo

Adapt Forward · 1 month ago

Cyber Security Analyst III, Detection Engineer Cloud SME

positionNorth Charleston, SC
timeFull-time
remoteOnsite
senioritySenior Level
date5+ years exp

Adapt Forward is a cybersecurity solutions provider for some of the nation’s most valuable information systems. The Detection Engineer Cloud SME will be responsible for designing, developing, and implementing detection mechanisms to identify cyber threats within a Cybersecurity Service Provider environment, collaborating with various teams to ensure effective threat detection.

ComputerCyber SecurityNetwork Security
check
Comp. & BenefitsbadNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Act as the primary SME for cloud log sources, designing efficient and secure log ingestion pipelines across multi-cloud environments (AWS, Azure, GCP). This includes configuring data parsing, enrichment, and normalization to ensure data quality and consistency for security analysis
Design and implement detection logic (KQL, EQL, and/or SPL) tailored to cloud-native attacks, including identity-based threats, privilege escalation, and data exfiltration TTPs
Analyze threat intelligence to create and refine detection mechanisms tailored to the customer’s environment
Validate and test detection rules to ensure accuracy, minimize false positive and benign positive matches, and enhance threat identification capabilities
Collaborate with DCO Watch Analysts to integrate detection mechanisms into monitoring and incident response workflows
Maintain and update detection tools and signatures in response to evolving threats, ensuring compliance with CJCSM 6510.01B and other applicable directives
Compile and maintain internal standard operating procedure (SOP) documentation for detection creation and implementation processes
Perform log analysis of Splunk and Elastic to support detection development and validation
Coordinate with reporting agencies and subscriber sites to align detection strategies with operational needs and threat intelligence
Participate in program reviews, product evaluations, and onsite certification evaluations to assess detection tool efficacy
Overtime may be required to support detection implementation or incident response actions (Surge)
Up to 10% travel may be required

Qualification

Cloud security expertiseDetection logic creationSignature developmentThreat intelligence analysisIDS/IPS solutionsLog analysis SplunkLog analysis ElasticCloud log ingestionSOP documentationCertifications AWSCertifications AzureEffective communicationProblem-solvingCollaboration with teams

Required

Bachelor's Degree in relevant discipline and 5 years or at least 8 years of experience working in a CSSP, SOC, or similar environment
2+ years of experience with signature development, detection logic creation and optimization on multiple platforms
Must be a U.S. Citizen
Must have requisite certifications to fulfill DoD 8570 IAT Level II and CSSP-specific requirements

Preferred

Deep technical expertise in major cloud provider security models and services (AWS IAM, Azure AD, GCP IAM, CloudTrail, Azure Monitor, VPC flow logs, etc.)
Experience working with and developing signatures for Splunk and Elastic
Experience with threat intelligence platforms and indicator management
Proficient knowledge of detection creation and implementation processes
Expertise in IDS/IPS solutions, including signature development and optimization
Strong understanding of the indicator lifecycle, including initial discovery, development, operational maturity, and long-term sustainment
Effective verbal and written communication skills
Ability to solve complex problems independently
Preferred certifications: AWS Certified Security, Azure Security Engineer Associate, or equivalent SANS GIAC certifications

Benefits

Comprehensive Physical Wellness Package, including Medical, Dental, Vision Care, plus Flexible Spending Accounts for health- and dependent-care are included in our standard benefits plan.
401k Retirement Plan with Matching Contribution is immediately available and vested.
Annual Training Budget to be used for conference attendance, school enrollment, certification programs, and associated travel expenses.
Eleven Federal Holidays, plus three weeks of PTO/vacation/sick leave that accrues at a rate of ten hours per month.
Employee Assistance Program: Counseling/legal assistance and other employee well-being programs are also offered.

Company

Adapt Forward

twittertwittertwitter
company-logo
Adapt Forward is a cyber security company that specializes in defensive and offensive cyber capabilities.
dateFounded in 2015
location
North Charleston, South Carolina, USA
people-size51-200 employees
web-link
https://www.adaptforward.com/

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
Rich Bowman
President and CEO
linkedin

Recent News

GlobeNewswire
Adapt Forward Selected for Missile Defense Agency’s SHIELD Contract to Support Nation’s Golden Dome Initiative
2025-12-16
Adapt Forward
Adapt Forward welcomes back cybersecurity veteran Micheal Small as technical lead of detection and response
2025-09-24
Company data provided by crunchbase