Job Description
We are seeking a Detection Engineer to enhance our SaaS cloud security posture by developing, optimizing, and automating threat detection and response capabilities. This role involves designing and implementing detection-as-code, leveraging cloud-native security tools, and collaborating with security operations and engineering teams to identify, analyze, and mitigate cyber threats at cloud scale. The ideal candidate will have a strong background in cloud security, threat detection, and automation, with a deep understanding of SaaS-specific attack vectors.
Key Responsibilities
1. Detection Development & Automation:
   1. Develop and implement high-fidelity detection rules using detection-as-code methodologies.
   2. Leverage SIEMs, XDR platforms, and cloud-native security services to create effective detections.
   3. Automate detection deployment, tuning, and maintenance.
2. Threat Hunting & Incident Response:
   1. Conduct proactive threat hunting based on MITRE ATT&CK techniques, TTPs, and threat intelligence.
   2. Work closely with SOC analysts, IR teams, and Red Teams to refine detection logic and improve response processes.
3. Log Management & Data Engineering:
   1. Identify, collect, and normalize security telemetry.
   2. Optimize log ingestion and parsing strategies for efficient threat detection.
4. Threat Intelligence & Detection Optimization:
   1. Integrate threat intelligence feeds into detection workflows to improve alert accuracy.
   2. Continuously fine-tune detections to reduce false positives while maximizing coverage against emerging threats.
   3. Conduct proactive security research to stay ahead of evolving attack techniques in SaaS environments.
Minimum Qualifications
1. 3+ years of experience in security engineering, threat detection, or incident response, with a focus on cloud environments.
2. Proficiency in detection-as-code, utilizing tools like Sigma, OpenSearch, KQL, or Splunk SPL.
3. Strong knowledge of SaaS security challenges and cloud security frameworks (e.g., CIS, NIST, MITRE ATT&CK).
4. Experience working with SIEM, SOAR, XDR, and cloud-native security tools.
5. Hands-on experience with log analysis, threat intelligence, and detection engineering in cloud-first environments.
6. Scripting and automation skills in Python, PowerShell, or Bash.
7. Familiarity with container security (Kubernetes, Docker).
8. Ability to work in high-scale SaaS environments and design efficient, automated detection workflows.
Preferred Qualifications
1. Experience with detection engineering, SOC operations, threat hunting, or digital forensics.
2. Knowledge of detection frameworks (SIGMA, YARA, or custom ML-based detections).
3. Familiarity with Terraform or other IaC tools for security automation.
4. Experience developing security detections for API-driven applications and microservices.
5. Cloud security certifications (e.g., AWS Security Specialty, GCP Security Engineer, Azure Security Engineer, GIAC GCDA/GCFA).
About Us
As a world leader in cloud solutions, Oracle uses tomorrow's technology to tackle today's problems. True innovation starts with diverse perspectives and various abilities and backgrounds.
When everyone's voice is heard, we're inspired to go beyond what's been done before. It's why we're committed to expanding our inclusive workforce that promotes diverse insights and perspectives.
We've partnered with industry leaders in almost every sector, and continue to thrive after 40+ years of change by operating with integrity.
Oracle careers open the door to global opportunities where work-life balance flourishes. We offer a highly competitive suite of employee benefits designed on the principles of parity and consistency. We put our people first with flexible medical, life insurance and retirement options. We also encourage employees to give back to their communities through our volunteer programs.
We're committed to including people with disabilities at all stages of the employment process. If you require accessibility assistance or accommodation for a disability at any point, let us know by calling +1 888 404 2494, option one.
Disclaimer:
Oracle is an Equal Employment Opportunity Employer*. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans' status, or any other characteristic protected by law. Oracle will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.
* Which includes being a United States Affirmative Action Employer