Cybersecurity Engineer, Detection Engineer
On-site · San Antonio, Texas, United States
Job Summary
Senior Cybersecurity Engineer, Cyber Threat Detection responsible for engineering and optimizing threat detection logic to identify, analyze, and respond to emerging cyber threats targeting IT and ICS/OT across enterprise operations. Works with the Cyber Threat Operations team to translate threat intelligence into high-fidelity detection, develop automated response workflows, and contribute to incident response playbooks while coordinating with threat hunting, incident response, threat intelligence, and infrastructure teams to align detection strategy with risk posture and operational resiliency. Requires IT/OT security principles expertise and a passion for protecting critical infrastructure in the energy sector.
Required Qualifications
- Bachelor’s Degree in Information Technology or related field (or equivalent experience)
- Two (2) or more years of relevant experience
- Hands-on experience with SIEM platforms (e.g., Splunk, Google SecOps, QRadar)
- Detection rule creation and alert tuning
- Scripting experience (e.g., Python, PowerShell)
- Security automation/orchestration tools (e.g., SOAR platforms like Google SecOps, Cortex XSOAR, Splunk SOAR, Swimlane)
- Familiarity with ICS/OT networks and industrial protocols such as Modbus, DNP3, and OPC
- Knowledge of threat frameworks including MITRE ATT&CK and Cyber Kill Chain
- Authentic communicator with written and verbal clarity
- Cybersecurity risk management and governance
- Penetration testing basics and security controls
- Security Information & Event Management (SIEM) fundamentals
- Disaster recovery planning per corporate guidelines
- Experience delivering detection content, orchestration logic, tuning efforts, and automation workflows for knowledge sharing
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.