
Detection Engineer

AIG is a global leader in commercial and personal insurance solutions, providing risk management and property casualty insurance services worldwide.
Reston, VA, USA; Charlotte, NC, USA
Security
Mid-Level Software Engineer
In-Person
5,000+ Employees
4+ years of experience
Cybersecurity · Enterprise SaaS · Finance

Job Description

AIG, a global leader in commercial and personal insurance solutions, is seeking a Detection Engineer to join their Information Technology team. This role is crucial in designing, developing, and maintaining detection rules while applying modern software security practices to threat detection. The position offers an exciting opportunity to build and shape a mature Detection-as-Code program from the ground up.

The ideal candidate will work alongside Security Operations teams, collaborating with resources globally to support effective Incident Response and risk management efforts. The role requires expertise in detection engineering, security operations, and automation, with a focus on implementing and maintaining security detection systems across cloud and network environments.

Key responsibilities include developing detection logic using Detection-as-Code principles, implementing CI pipelines, analyzing security telemetry, and building automation scripts. The position requires 4+ years of relevant experience and strong technical skills in Python, cloud security, and modern security frameworks.

AIG offers a comprehensive benefits package through their Total Rewards Program, focusing on health, wellbeing, and financial security. The company promotes a culture of inclusion and belonging, with various Employee Resource Groups and learning opportunities. They value in-person collaboration and expect team members to be primarily office-based.

This role presents an excellent opportunity for a security professional to make a significant impact in a global organization that is reimagining insurance and risk management. The position offers both technical challenges and leadership opportunities, including mentoring junior engineers and collaborating with cross-functional teams.

Last updated 2 days ago

Responsibilities For Detection Engineer

  • Develop, manage and version-control detection logic using Detection-as-Code principles
  • Leverage and implement CI pipelines to validate and deploy detection rules
  • Translate threat intelligence reports and attacker TTPs into detection rules
  • Analyze logs and security telemetry from various sources and tools
  • Continuously tune detection rules to maximize precision and efficacy
  • Build and maintain automation scripts in Python, Bash and PowerShell
  • Build and maintain detection and coverage metrics dashboards
  • Train and mentor Junior Detection Engineers
  • Collaborate with IR teams as part of response and remediation efforts

Requirements For Detection Engineer

Python
Linux
  • 4+ years in Detection Engineering, Security Operations or Security Automation
  • Knowledge of SIEM, EDR, cloud and network-based detection techniques
  • Exposure to cloud-native logging and monitoring
  • Experience with cloud-native security alerting
  • Understanding of threat actor behaviors and MITRE ATT&CK
  • Proficiency in scripting and automation (Python preferred)
  • Experience with Git and CI/CD pipelines
  • Familiarity with YAML/JSON-based rule definitions
  • Ability to simulate basic adversary behavior through automated frameworks

Benefits For Detection Engineer

Medical Insurance
Dental Insurance
Vision Insurance
401k
  • Health benefits
  • Wellbeing programs
  • Financial security benefits
  • Professional development
  • Volunteer Time Off
  • Matching Grants Programs
