Senior Detection Engineer jobs in United States

Centene Corporation · 17 hours ago

Senior Detection Engineer

Centene Corporation is a diversified national organization that leverages technology to enhance health outcomes for its 28 million members. As a Senior Detection Engineer, you will lead detection initiatives, design high-fidelity detections, and mentor a team while collaborating with various security teams to reduce risk and improve operational outcomes.

Hospital & Health Care
H1B Sponsor Likely

Responsibilities

Own end‑to‑end development of multi‑signal detections (endpoint, identity, network, cloud/SaaS) using Splunk (SPL), Microsoft Sentinel/Defender & Azure (KQL), FortiNDR Cloud (IQL), and Databricks (SQL)
Translate threat intel (IOCs/TTPs, ATT&CK mapping) into battle‑tested analytics; convert vetted Sigma rules to SPL/KQL where applicable
Implement version control, change notes, suppression logic, and CI/CD pipelines for detections; champion detection replay/backtesting to improve precision/recall and reduce noise
Establish and maintain reusable detection content libraries, curated views/tables, and documentation/runbooks that accelerate operations
Lead data onboarding and schema alignment; articulate coverage plans and quality gates for priority threats and control gaps
Partner with platform teams to improve data prerequisites (tables, fields, latency) and ensure telemetry health and resilience
Work directly with SOC/CSMT and CSIRT to tune, triage, and validate detections; convert hunts into detections and run purple‑team validations
Build tabletop exercises/training for analysts; advise on automation opportunities across SOC/IR workflows
Provide technical mentorship for DE I/II; conduct peer reviews of detection logic; contribute to sprint planning aligned to quarterly OKRs
Influence roadmap, standards, and governance for the DE program in partnership with the Principal/Lead Detection Engineer
Performs other duties as assigned
Complies with all policies and standards

Qualification

Detection engineering, SPL, KQL, ATT&CK mapping, CI/CD pipelines, Cloud telemetry, Threat intelligence, Version control, Analytical skills, Judgment, Project management, Communication skills, Decision making, Mentorship, Problem identification

Required

A Bachelor's degree in a quantitative or business field (e.g., statistics, mathematics, engineering, computer science)
Requires 4 – 6 years of related experience
3+ years in information security with hands‑on detection engineering (or SOC/IR roles with demonstrated analytics creation)
Proficiency in SPL, KQL, and one of IQL/Databricks SQL for multi‑event correlation, enrichment, and replay
Demonstrated experience turning IOCs/TTPs into durable analytics; strong ATT&CK fluency and coverage planning
Practical detection‑as‑code habits: versioning, change control, backtesting, suppression strategy, CI/CD familiarity
Ability to partner with SOC/CSIRT/Threat Intel; communicate trade‑offs clearly and drive measurable outcomes
Intermediate - Seeks to acquire knowledge in area of specialty
Intermediate - Ability to identify basic problems and procedural irregularities, collect data, establish facts, and draw valid conclusions
Intermediate - Ability to work independently
Intermediate - Demonstrated analytical skills
Intermediate - Demonstrated project management skills
Intermediate - Demonstrates a high level of accuracy, even under pressure
Intermediate - Demonstrates excellent judgment and decision making skills

Preferred

Experience integrating detections with Wiz and Varonis contexts (identity/data exposure)
Prior work in purple teaming and/or running detection validation exercises
Familiarity with cloud telemetry (Azure, Entra ID, MDE) and network/HTTP/DNS/SSL flow analysis via NDR
Contributions to internal content libraries, runbooks, and detection KPIs (precision/recall/coverage)
Certified Threat Intelligence Analyst (CTIA), EC-Council
Certified Information Security Manager (CISM)
Certified Information Systems Security Professional (CISSP)
GIAC Cyber Threat Intelligence (GCTI) preferred

Benefits

Health insurance
401K
Stock purchase plans
Tuition reimbursement
Paid time off plus holidays
Flexible approach to work with remote, hybrid, field or office work schedules

Company

Centene Corporation

Centene Corporation is a leading healthcare enterprise committed to helping people live healthier lives.

H1B Sponsorship

Centene Corporation has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
[Chart: Trends of Total Sponsorships: 2021 (1)]

Funding

Current Stage
Late Stage

Leadership Team

Beth Johnson
President and CEO, Coordinated Care
Clyde White
President & CEO (New Hampshire Healthy Families)
Company data provided by crunchbase