# Security Detection Engineer

**Company:** [WHOOP](https://hotfix.jobs/companies/whoop)
**Location:** Boston, MA
**Role:** Security Engineering
**Experience:** 4+ years
**Skills:** Python, Go, PowerShell, Yara, Sigma, Suricata, Mitre Att&Ck, Cloud Security, Identity Security, Incident Response
**Posted:** 2026-05-13

> Design and scale high-fidelity detection capabilities across cloud, identity, endpoint, and application environments to protect biometric and health data. Requires 4+ years in security detection or operations with strong scripting and detection tuning experience.

## Job Description

## Responsibilities
- Design, build, and scale high-signal detections across cloud, identity, endpoint, network, and application layers using Detection-as-Code principles.
- Develop and maintain detection logic aligned to real-world attacker behavior and frameworks such as MITRE ATT&CK across modern security platforms.
- Translate threat intelligence into actionable detections and validate effectiveness through adversary emulation and testing.
- Build behavioral detections to protect against threats such as account takeover, credential abuse, API misuse, automation attacks, privilege escalation, and data exfiltration.
- Continuously improve detection quality by tuning alerts, reducing false positives, and implementing automated enrichment and triage.
- Define and track detection KPIs (e.g., precision, recall, false positive rate, MTTD) and implement processes to measure and improve detection health.
- Support and lead incident investigations, including containment, root cause analysis, and post-incident detection improvements.
- Contribute to the on-call rotation while proactively reducing operational overhead through automation.
- Partner with Engineering, IT, Infrastructure, Product, and GRC to ensure systems launch with strong monitoring and detection coverage.
- Map detections to threat models, identify visibility gaps, and continuously improve coverage as the environment scales.
- Explore and apply advanced analytics and machine learning techniques to improve detection fidelity, reduce noise, and enhance triage and investigation workflows.
- Stay ahead of evolving threats by researching emerging attack techniques and incorporating learnings into detection strategy.

## Requirements
- 4+ years of hands-on experience in Information Security, with a focus on detection engineering, threat detection, or security operations.
- Demonstrated experience writing and tuning detections across cloud, identity, endpoint, or application environments.
- Familiarity with detection frameworks and tooling such as YARA, SIGMA, Suricata, or similar rule-based detection methodologies.
- Strong understanding of attacker techniques across identity compromise, cloud abuse, lateral movement, and data exfiltration.
- Expertise analyzing and building detections on cloud and SaaS telemetry, including authentication events, API activity, and system logs.
- Strong scripting skills in a scripting language such as Python, Go, or PowerShell for automation and tool development.
- Ability to operate effectively in a fast-paced, high-growth environment.
- Strong analytical mindset with a systems-thinking approach to reducing noise and increasing signal fidelity.
- Experience supporting incident response investigations and participating in on-call rotations.

## Nice-to-Haves
- Experience building detective controls for consumer-facing platforms or detecting authentication and API abuse at scale.
- Familiarity with applying data analysis or machine learning techniques to security detection or alert triage.
- Bachelor’s degree in Computer Science, Information Security, or a related technical field, and/or relevant security certifications.

## Similar roles

- [Security Program Manager](https://hotfix.jobs/jobs/e7f7fcaf-1979-4194-9131-83689809fe47) - Forus - New York, NY
- [Safeguards Enforcement Analyst, Account Takeover & Credential Abuse](https://hotfix.jobs/jobs/31f5d0ec-9b31-4419-a4b1-2e826ec7a358) - Anthropic - San Francisco, CA - $245k – $285k/yr
- [Application Security Engineer](https://hotfix.jobs/jobs/d240253e-6098-4419-8f04-aaf793f42c03) - Zocdoc - Remote - $100k – $140k/yr
- [Detection & Mitigation Engineer](https://hotfix.jobs/jobs/61def9c4-f4a5-41a5-99c6-579a61033a73) - Cloudflare
- [Security & Compliance Operations Manager](https://hotfix.jobs/jobs/90ac6643-526f-4aeb-bb4f-d71bc1af1fcd) - Mintlify - San Francisco, CA - $120k – $180k/yr

**Apply:** https://hotfix.jobs/jobs/7ef21d3b-94ae-4464-8e80-9fa36db7b93e
**Canonical:** https://hotfix.jobs/jobs/7ef21d3b-94ae-4464-8e80-9fa36db7b93e