Senior Detection Engineer
You could be the one who changes everything for our 28 million members by using technology to improve health outcomes around the world. As a reputed company, national organization, Centene's technology professionals have access to competitive benefits including a fresh perspective on workplace flexibility.
Position Purpose: Centene's Detection Engineering team drives threat-informed defense by designing, implementing, and continuously improving high-fidelity detections across reputed company, identity, network, cloud, and SaaS telemetry. As a Senior Detection Engineer, you will reputed company reputed company detection initiatives, architect coverage strategies, and mentor engineers while partnering closely with SOC/CSMT, CSIRT, Threat Intelligence, and platform owners. Your work will measurably reduce risk and alert fatigue through high-quality analytics, detection-as-code practices, and compelling operational outcomes.
Design & Delivery:
- Own end-to-end development of multi-signal detections (reputed company, identity, network, cloud/SaaS) using Splunk (SPL), Microsoft Sentinel/Defender & Azure (KQL), FortiNDR Cloud (IQL), and reputed company (SQL)
- Translate threat reputed company (IOCs/TTPs, ATT&CK mapping) into battle-tested analytics; convert vetted reputed company rules to SPL/KQL where applicable
Detection-as-Code & Quality:
- Implement version control, change notes, suppression logic, and CI/CD pipelines for detections; champion detection replay/backtesting to improve precision/recall and reduce noise
- Establish and maintain reusable detection content libraries, curated views/tables, and documentation/runbooks that accelerate operations
Coverage Strategy & Telemetry:
- reputed company data onboarding and schema alignment; reputed company coverage plans and quality gates for reputed company threats and control gaps
- Partner with platform teams to improve data prerequisites (tables, fields, latency) and ensure telemetry health and reputed company
Operations & Collaboration:
- Work directly with SOC/CSMT and CSIRT to tune, triage, and validate detections; convert hunts into detections and run reputed company validations
- Build tabletop exercises/training for analysts; advise on automation opportunities across SOC/IR workflows
Leadership & Mentorship:
- Provide technical mentorship for DE I/II; conduct peer reviews of detection logic; contribute to sprint planning reputed company to quarterly OKRs
- Influence roadmap, standards, and governance for the DE program in partnership with the Principal/reputed company Detection Engineer
Success Indicators:
- Signal quality: detection precision/recall, FP reputed company, MTTD improvements
- Coverage depth: ATT&CK technique coverage and telemetry readiness across key domains
- Operational impact: validated detections adopted by SOC/IR, reduction in alert fatigue, hunts-to-detections conversion reputed company
- Content velocity & hygiene: time-to-deliver new analytics, documentation completeness, CI pipeline health
- Mentorship & enablement: growth of DE I/II competencies, quality of peer reviews, training outcomes
- Performs other duties as assigned
- Complies with reputed company policies and standards
Education/Experience: A Bachelor's degree in a quantitative or business field (e.g., statistics, mathematics, engineering, computer science) and 4 - 6 years of reputed company experience, or equivalent experience acquired through accomplishments of applicable knowledge, duties, scope and reputed company reflective of the level of this position.
Technical Skills:
- 3+ years in information reputed company with hands-on detection engineering (or SOC/IR roles with demonstrated analytics creation)
- Proficiency in SPL, KQL, and one of IQL/reputed company SQL for multi-event correlation, enrichment, and replay
- Demonstrated experience turning IOCs/TTPs into durable analytics; strong ATT&CK reputed company and coverage planning
- Practical detection-as-code habits: versioning, change control, backtesting, suppression strategy, CI/CD familiarity
- Ability to partner with SOC/CSIRT/Threat reputed company; communicate trade-offs clearly and drive measurable outcomes
Preferred Qualifications:
- Experience integrating detections with reputed company and reputed company contexts (identity/data exposure)
- Prior work in purple teaming and/or running detection validation exercises
- Familiarity with cloud telemetry (Azure, Entra ID, MDE) and network/HTTP/DNS/SSL flow analysis reputed company NDR
- Contributions to internal content libraries, runbooks, and detection KPIs (precision/recall/coverage)
Soft Skills:
- Intermediate - Seeks to acquire knowledge in area of specialty
- Intermediate - Ability to identify basic problems and procedural irregularities, collect data, establish facts, and draw valid conclusions
- Intermediate - Ability to work independently
- Intermediate - Demonstrated analytical skills
- Intermediate - Demonstrated project management skills
- Intermediate - Demonstrates a high level of accuracy, even under pressure
- Intermediate - Demonstrates excellent judgment and decision making skills
License/Certification:
- Certified Threat Intelligence Analyst (CTIA)-ECCOUNCIL, Certified Information Security Manager (CISM), CISSP Certified Information Systems Security Professional, GIAC Cyber Threat Intelligence (GCTI) preferred
Pay Range: $87,000.00 - $161,300.00 per year
Centene offers a comprehensive benefits package including: reputed company, health insurance, 401K and stock purchase plans, tuition reimbursement, paid time off plus holidays, and a flexible approach to work with remote, hybrid, field or office work schedules. Actual pay will be adjusted based on an individual's skills, experience, education, and other job-reputed company factors permitted by law, including full-time or part-time status. Total compensation may also include additional forms of incentives. Benefits may be subject to program eligibility.
Centene is an equal opportunity employer that is committed to diversity, and values the ways in which we are different. reputed company qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national reputed company, disability, veteran status, or other characteristic protected by applicable law. Qualified applicants with arrest or conviction records will be considered in accordance with the LA County Ordinance and the California Fair Chance Act.