Cyber Threat Detection & Response Engineer

📋 Description

• • As a Cyber Threat Detection & Response Engineer at UltraViolet Cyber, you will play a critical role in safeguarding organizations across Fortune 500, Federal Government, and commercial sectors by proactively identifying, investigating, and neutralizing cyber threats before they cause harm. Your work directly contributes to the company’s mission of unifying red and blue team capabilities through its security-as-code platform, enabling real-time, intelligence-driven defense that eliminates silos and enhances resilience against evolving adversaries.
• • You will perform advanced threat hunting operations within customer environments, leveraging behavioral analytics, log analysis, and endpoint telemetry to detect stealthy indicators of compromise that evade traditional security controls. This includes developing and refining hypothesis-driven hunts based on emerging TTPs, adversary emulation, and threat intelligence feeds to uncover hidden threats and validate detection efficacy.
• • You will design, develop, and deploy custom detection rules and correlation logic using SIEM, EDR, and XDR platforms (including Splunk, Elastic, Microsoft Sentinel, and CrowdStrike Falcon) to detect malicious activity across network, host, and cloud domains. This involves tuning existing rules for precision, reducing false positives, and creating novel detections based on MITRE ATT&CK framework mappings to ensure coverage against known and emerging threat actor behaviors.
• • You will conduct deep forensic analysis of suspected compromises, including memory analysis, disk forensics, and malware reverse engineering (static and dynamic), to determine scope, attribution, and impact. Findings will be documented in detailed technical reports and executive summaries for internal teams and customers, with clear remediation guidance and strategic recommendations to improve security posture.
• • You will collaborate closely with the Threat Intelligence & Detection Engineering (TIDE) team, internal account managers, and customer stakeholders to translate technical findings into actionable insights, participate in joint threat briefings, and contribute to the continuous improvement of detection engineering processes and playbooks.
• • You will stay current with the evolving threat landscape by monitoring adversary behavior, researching zero-day exploits, and contributing to internal threat intelligence sharing — including authoring technical blogs, presenting findings in team forums, and helping shape the direction of detection content and hunting methodologies.
• • You will help mature the organization’s detection engineering lifecycle by participating in red team/blue team exercises, validating detection coverage through adversarial emulation (e.g., Atomic Red Team, CALDERA), and measuring effectiveness via metrics such as MTTD (Mean Time to Detect) and MCIR (Mean Time to Contain).
• • UltraViolet Cyber is a practitioner-led, mission-driven organization where security experts build technology for security experts. You’ll join a team of seasoned analysts, engineers, and former red/blue team operators who prioritize technical depth, innovation, and real-world impact over bureaucracy — fostering an environment where your expertise directly shapes product capabilities and customer outcomes.
• • In this role, you will develop elite-level skills in threat hunting, detection engineering, malware analysis, and adversary emulation — positioning yourself as a trusted authority in cyber defense. You’ll gain hands-on experience with cutting-edge security platforms, contribute to intellectual property in detection content, and have the opportunity to influence how organizations detect and respond to threats at scale — accelerating your growth as a cybersecurity leader in both technical and strategic domains.