Design, develop, and maintain detection logic across endpoint, network, and cloud environments
Create and tune detections using tools such as CrowdStrike, Zscaler, SIEM platforms, and DLP solutions
Leverage Cyberhaven to build and enhance data exfiltration and insider risk detections
Analyze logs and telemetry to identify attack patterns, anomalies, and emerging threats
Continuously improve detection quality by reducing false positives and increasing signal fidelity
Partner with Incident Response and Security Operations to investigate alerts and refine detection strategies
Develop and document detection use cases, playbooks, and workflows
Stay current with adversary tactics, techniques, and procedures (TTPs) and translate them into actionable detections
Contribute to detection automation and engineering initiatives to improve scalability and efficiency
Requirements
Strong experience with Data Loss Prevention (DLP) tools and workflows, such as Cyberhaven and Microsoft Purview
Experience with CrowdStrike and Zscaler (or comparable EDR and network security platforms)
Deep understanding of Windows event logs and other investigation-relevant artifacts
Experience working with SIEM platforms, log management systems, and endpoint security tools
Strong analytical and critical thinking skills with exceptional attention to detail
Ability to investigate complex security events and translate findings into detection improvements
Excellent written and verbal communication skills, with the ability to clearly explain complex security concepts
Strong interpersonal skills and the ability to collaborate effectively across security, IT, and engineering teams
Self-driven with a continuous improvement mindset
Tech Stack
Cloud
Benefits
We are proud to be an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, or other legally protected status.
Datavant is committed to a work environment free from job discrimination.
Datavant is committed to building a diverse team of Datavanters.