Lead the maturation of the Security Team’s detection and response practice while working alongside security engineers and analysts
Implement detection development standards aligned to modern best practices like Detection-as-Code
Own the design, testing, and deployment of high-fidelity detections across client environments
Develop supporting and compensating means of threat detection using Datadog platform features other than Detection Rules
Expand coverage of security detection capabilities across endpoint, network, application, cloud, and identity data sources
Translate threat models and real incidents into high-confidence detection patterns; maintain access to threat intelligence feeds to ensure the Security Operations Team can detect emerging threats
Build and maintain runbooks, response workflows, and post-incident learning loops
Leverage and integrate automation and AI to enable human-led detection engineering at scale
Requirements
2-4 years of experience in a technical role in the areas of Security Engineering, Detection Engineering, or Incident Response
Strong understanding of logging, telemetry, and signal design in modern cloud and application environments
Strong communication skills, capable of presenting complex technical information clearly to both technical and non-technical audiences
A proactive mindset and a passion for continuous learning in the rapidly evolving field of cybersecurity
Familiarity with threat detection and response frameworks (e.g., MITRE ATT&CK, Cyber Kill Chain)
Experience consuming and analyzing Cyber Threat Intelligence for actionable takeaways
Demonstrated ability to self-direct with minimal supervision to achieve assigned goals