Northern Trust
Detection Engineer
The Detection Engineer will play a crucial role in our cybersecurity team by developing and refining detection content to safeguard our digital assets. The ideal candidate will be responsible for developing, tuning, and maintaining advanced detection mechanisms across our security platforms. This role requires a deep understanding of threat actor tactics, techniques, and procedures (TTPs), and a passion for defending against evolving cyber threats. Key responsibilities include: Build, refine, and manage detection content to identify and mitigate potential threats. Develop a Detection-as-Code standard using code repositories and CI/CD pipelines to streamline content deployment via Infrastructure-as-Code methodologies. Work closely with various teams in Security Operations to anticipate and detect potential threats before they fully materialize. Participate in continuous improvement initiatives to enhance detection capabilities and efficiency. Develop and maintain documentation for detection logic, use cases, and response playbooks. Maintain up-to-date knowledge of the latest cybersecurity threats, tools, and best practices. Contribute to automation of detection and response processes using SOAR platforms. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field. 3+ years of experience in cybersecurity, preferably in detection engineering, threat hunting, or incident response. Proficiency in writing and tuning detection logic in SIEM platforms (e.g., Splunk, Sentinel, Elastic). Strong understanding of cybersecurity principles, including SIEM, IDS/IPS, and endpoint detection and response (EDR) solutions. Experience with coding/scripting languages such as Python, PowerShell, or Bash. Familiarity with CI/CD pipelines, code repositories (e.g., Git), and Infrastructure-as-Code tools (e.g., Terraform, Ansible). Excellent problem-solving skills and attention to detail. Strong communication and documentation abilities. Preferred qualifications: Experience in a cloud environment (e.g., AWS, Azure, GCP). Knowledge of malware analysis, reverse engineering, and digital forensics. Experience with performing insider threat analysis and detections. Knowledge of security orchestration and automation platforms. Relevant certifications such as GCDA, GCFA, or equivalent. We are seeking a dedicated and detail-oriented Detection Engineer who is passionate about cybersecurity and eager to contribute to a dynamic and fast-paced environment. If you are driven by the challenge of protecting digital infrastructure and have the expertise to enhance our detection capabilities, we encourage you to apply. Salary range is a good faith estimate of base pay. Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits. Northern Trust also provides a discretionary bonus program that may include an equity component. As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose. Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com. We hope you're excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people. Apply today and talk to us about your flexible working requirements and together we can achieve greater.
The Detection Engineer will play a crucial role in our cybersecurity team by developing and refining detection content to safeguard our digital assets. The ideal candidate will be responsible for developing, tuning, and maintaining advanced detection mechanisms across our security platforms. This role requires a deep understanding of threat actor tactics, techniques, and procedures (TTPs), and a passion for defending against evolving cyber threats. Key responsibilities include: Build, refine, and manage detection content to identify and mitigate potential threats. Develop a Detection-as-Code standard using code repositories and CI/CD pipelines to streamline content deployment via Infrastructure-as-Code methodologies. Work closely with various teams in Security Operations to anticipate and detect potential threats before they fully materialize. Participate in continuous improvement initiatives to enhance detection capabilities and efficiency. Develop and maintain documentation for detection logic, use cases, and response playbooks. Maintain up-to-date knowledge of the latest cybersecurity threats, tools, and best practices. Contribute to automation of detection and response processes using SOAR platforms. Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field. 3+ years of experience in cybersecurity, preferably in detection engineering, threat hunting, or incident response. Proficiency in writing and tuning detection logic in SIEM platforms (e.g., Splunk, Sentinel, Elastic). Strong understanding of cybersecurity principles, including SIEM, IDS/IPS, and endpoint detection and response (EDR) solutions. Experience with coding/scripting languages such as Python, PowerShell, or Bash. Familiarity with CI/CD pipelines, code repositories (e.g., Git), and Infrastructure-as-Code tools (e.g., Terraform, Ansible). Excellent problem-solving skills and attention to detail. Strong communication and documentation abilities. Preferred qualifications: Experience in a cloud environment (e.g., AWS, Azure, GCP). Knowledge of malware analysis, reverse engineering, and digital forensics. Experience with performing insider threat analysis and detections. Knowledge of security orchestration and automation platforms. Relevant certifications such as GCDA, GCFA, or equivalent. We are seeking a dedicated and detail-oriented Detection Engineer who is passionate about cybersecurity and eager to contribute to a dynamic and fast-paced environment. If you are driven by the challenge of protecting digital infrastructure and have the expertise to enhance our detection capabilities, we encourage you to apply. Salary range is a good faith estimate of base pay. Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits. Northern Trust also provides a discretionary bonus program that may include an equity component. As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose. Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com. We hope you're excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people. Apply today and talk to us about your flexible working requirements and together we can achieve greater.