ZeniMax Media, Inc.

Senior Detection & Response Engineer

ZeniMax Media, Inc., Rockville, Maryland, US, 20849

Rockville, MD, US | Information Technology

Overview

ZeniMax Media, part of Microsoft Gaming, is seeking a highly skilled and motivated Senior Engineer – Threat Detection & Incident Response to join our Gaming Security team. This U.S.-based remote or hybrid position plays a critical role in protecting our studios, platforms, and player communities across a diverse gaming ecosystem. You will lead efforts to design and optimize advanced detection capabilities, respond to complex security incidents, and drive strategic improvements in threat visibility and response operations.

Responsibilities

Detection Engineering

Design, fine-tune, and maintain high-fidelity detection content and alerting logic across SIEM and SOC platforms, minimizing false positives and alert fatigue.

Leverage scripting and automation (Python, PowerShell, etc.) to enhance detection coverage, accelerate response workflows, and improve operational efficiency.

Apply threat intelligence, adversary simulation, and behavioral analytics (MITRE ATT&CK) to identify detection gaps and drive continuous improvement.

Partner with infrastructure, application, and cloud engineering teams to embed detection capabilities in new and existing systems.

Monitor and analyze security events for potential risks or anomalies.

Lead investigations and perform end-to-end incident response, including containment, eradication, and post-incident reviews.

Conduct forensic analysis and log correlation to reconstruct attack paths and identify root causes.

Develop playbooks, standard operating procedures (SOPs), and knowledge articles to institutionalize response processes.

Work cross-functionally with teams such as Legal, Game Security, Player Support, and Corporate Engineering to ensure comprehensive risk visibility and response alignment.

Provide technical leadership in evaluating detection and response tools, shaping detection architecture, and executing strategic security initiatives.

Participate in on-call rotations and global incident response operations, including potential travel for events or escalations.

Qualifications

Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or a related field, or equivalent professional experience (typically 6+ years, including at least 4 years focused on threat detection and incident response).

Deep expertise in SIEM platforms (e.g., Microsoft Sentinel) and M365 Security Suite (Defender for Endpoint, Defender for Identity, Defender for Cloud Apps).

Strong understanding of adversary tactics, techniques, and procedures (TTPs) mapped to MITRE ATT&CK.

Demonstrated experience leading investigations and performing forensic or behavioral analysis.

Practical experience with cloud environments (Azure, AWS, GCP) and associated security telemetry.

Excellent written, verbal, and interpersonal communication skills.

Preferred Skills

Experience in hybrid or Cloud Security operations environments.

Familiarity with AI-assisted detection and automation technologies to improve rule tuning, triage, and response speed.

Relevant industry certifications (e.g., GCIA, GCIH, GMON, or Azure Security Engineer).

Background in malware analysis, reverse engineering, or development of custom detection frameworks.

Passion for mentoring, knowledge-sharing, and driving innovation in cybersecurity practices.

Flexibility to support global operations, including shift work, holidays/weekends, and occasional travel.

Proactive, ownership-driven mindset with willingness to volunteer for high-impact tasks or assist in major incidents beyond assigned scope.

Salary Range

Senior Detection & Response Engineer

The typical base pay range for this position at the start of employment is expected to be between $80,000 - $180,000 per year.

ZeniMax has different base pay ranges for different work locations within the United States, which allows us to pay employees competitively and consistently in different geographic markets. The range above reflects the potential base pay across the U.S. for this role; the applicable base pay range will depend on what ultimately is determined to be the candidate’s primary work location. Individual base pay depends on various factors, in addition to primary work location, such as complexity and responsibility of role, job duties/requirements, and relevant experience and skills. Base pay ranges are reviewed and typically updated each year. Offers are made within the base pay range applicable at the time.

At ZeniMax certain roles are eligible for additional rewards, such as merit increases and discretionary bonuses. These awards are allocated based on individual performance and are not guaranteed. Benefits/perks listed here may vary depending on the nature of employment with ZeniMax and the country work location. U.S.-based employees have access to healthcare benefits, a 401(k) plan and company match, short-term and long-term disability coverage, basic life insurance, wellbeing benefits, paid vacation time, paid sick and mental health time, and several paid holidays, among others.

We embrace diversity, equity, and inclusion in everything we do – from recruiting for our studios, publishing and operations to fostering safe and respectful workplaces that encourage collaboration. Our culture is based on principles of respect, inclusion, and fair treatment and we welcome anyone into our family without regard to race, religion, gender identity, sexual orientation, or age.

Our diversity fuels our innovation and inspires us to create game worlds that bring us closer to the global community of players we serve.

Site Visit

The next step will be an invitation to come out and meet the team at the studio for onsite interviews.

In the event that we choose not to move forward at any point in the recruiting process, we will let you know.

Your Privacy

ZeniMax understands the importance of privacy. Please review the Applicant Privacy Notice attached to each position, which explains how we process the personal information we collect about you when you apply for a job or submit information to us through our job portal. BY APPLYING FOR THIS OR ANY POSITION, SHARING THIS JOB, OR OTHERWISE PROVIDING US WITH YOUR PERSONAL INFORMATION THROUGH THIS JOB PORTAL, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THE APPLICANT PRIVACY NOTICE, WHICH IS SET FORTH IN THE “APPLICANT PRIVACY NOTICE” SECTION BELOW EACH POSITION.
