Detection Engineer jobs in United States

Deepwatch · 8 hours ago

Detection Engineer

Deepwatch is a leader in managed security services, dedicated to protecting organizations from cyber threats. The Detection Engineer will serve as a subject matter expert in cybersecurity detections, participating in detection strategy, creation, tuning, and validation to enhance customer security posture.

Cloud Security · Cyber Security · Information Technology

Comp. & Benefits
No H1B · U.S. Citizen Only

Responsibilities

Develop and document new Detection Capabilities for customer environments
Work with customers to develop a comprehensive strategy for effective detections
Leverage industry frameworks, such as the MITRE ATT&CK Framework, to build a customer-facing alert improvement roadmap
Apply knowledge of common detection data sources (Azure logging, command line logging, etc.) to advise customers on logging capabilities and expand the applicable detection library
Confidently prioritize log sources for ingestion and enablement
Evaluate current monitoring and detection capabilities to identify areas for improvement
Conduct Detection Gap Analyses
Manage detection capabilities to ensure appropriate coverage, effective operation, and adherence to Deepwatch standards
Detection Enablement
Detection Effectiveness (Tuning, Validation, etc.)
Detection Creation
Onboard assigned customers, establishing baseline detection coverage and a detection enablement plan post-onboarding
Ensure ingested log sources conform to Common Information Model (CIM) standards

Qualification

Cybersecurity detection strategy · SIEM tools · Detection tuning · MITRE ATT&CK Framework · Event detection engineering · Network architecture understanding · Technical communication · Creative problem solving · Documentation skills

Required

Experience working for a Managed Security Service Provider (MSSP) or similar cybersecurity organization
Experience working with and querying SIEM tools or other log-based data, preferably Splunk
Experience in engineering event detection and response tuning
Ability to engineer creative, scalable, and out-of-the-box solutions
Up to date with engineering best practices, security technology trends, tools, and frameworks
Experience in developing detections for attacker tactics, techniques, and procedures (TTPs)
Able to both investigate and create security rules in at least one SIEM
Understanding of general enterprise network architecture and security incident response
Understanding of common enterprise technologies and logging capabilities including Cloud, IDS/IPS, Firewalls, Active Directory, Anti-Virus/EDR, Proxies, and Email Gateway
Understanding of various attack frameworks such as MITRE ATT&CK, and of general adversarial and defensive security techniques (e.g. the Cyber Kill Chain and NIST)
Ability to communicate and document technical information effectively for various audiences

Benefits

Medical, dental, vision, and disability insurance
Flexible Time Off (FTO), 11 company holidays, sick leave and 8-Weeks Paid Parental Leave
Unique professional development benefits, starting at $3,000 annually
Wellness contests and monthly educational programs
401(K) retirement program

Company

Deepwatch

Deepwatch secures the digital economy by protecting enterprise networks via its cloud security platform.

Funding

Current Stage
Growth Stage
Total Funding
$256M
Key Investors
Goldman Sachs · ABS Capital Partners
2023-02-15 · Series C · $180M
2020-10-12 · Series B · $53M
2019-04-03 · Series A · $23M

Leadership Team

John DiLullo
Chief Executive Officer
Shane McGee
Chief Legal Officer & Chief Privacy Officer
Company data provided by crunchbase