Vancouver, BC, V5Y 2E2, CAN
Cyber Defense and Automation Engineer (Vancouver or Seattle)
Job Description

The Cyber Detection & Automation Engineer will be responsible for designing, developing, and maintaining advanced threat detection logic and workflow automations across our security tools and platforms. You will work closely with SOC analysts, threat intelligence, and incident response commanders to ensure proactive and accurate detection of malicious activity in our environment.

- Design, implement and automate high-fidelity detection rules using SIEM, EDR, and other telemetry sources (e.g. Sentinel, Defender, AWS, etc.) to improve efficiency and accuracy.
- Monitor and tune alerts to reduce false positives and improve the signal-to-noise ratio.
- Regularly test and validate detection content to ensure its effectiveness and accuracy.
- Create documentation and knowledge transfer materials for detections and engineering processes.
- Perform gap analysis and continuously improve detection coverage, accuracy, and resilience.
- Design and develop security automation workflows using SOAR (Security Orchestration, Automation, and Response), primarily Microsoft Sentinel/Logic Apps.
- Build and maintain custom integrations with SIEM, EDR, threat intel feeds, ticketing systems, and other SOC tools.
- Automate repetitive SOC tasks such as alert triage, enrichment, IOC lookups, and ticket creation.
- Develop dashboards or utilities to improve visibility and operational insight into SOC metrics.
- Collaborate with security operations center analysts and threat intelligence to stay ahead of evolving adversary tactics (MITRE ATT&CK-based).
- Create and update relevant runbooks, playbooks and other necessary documentation around detection rules and attacker TTPs.
- Prepare and present detailed reports on detection/automation activities, findings, and improvements to senior management.

Skills and Requirements

- Bachelor's degree in cybersecurity, computer science, information technology, or a related field.
- 5+ years in cybersecurity, with 3+ years specifically in detection and automation engineering.
- Proficiency in writing detection logic using KQL, SPL or other relevant query languages.
- Experience with query languages such as KQL and SPL, and with scripting languages (Bash, PowerShell, Python, JavaScript).
- Proficient in developing automations using SOAR platforms, specifically Microsoft Sentinel/Logic Apps.
- Understanding of SOC operations, incident response workflows, and threat detection techniques.
- Experience with RESTful APIs and integration of third-party tools.
- Experience building advanced analytics (ML) and developing AI agents/tools.
- Experience in a cloud-first or hybrid cloud environment (preferably AWS and Azure).
- Strong, practical knowledge of the MITRE ATT&CK framework, and how to map adversary behaviors to telemetry for detection design.

We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to the Human Resources Request Form (https://airtable.com/app21VjYyxLDIX0ez/shrOg4IQS1J6dRiMo). The EEOC "Know Your Rights" Poster is available here (https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf). To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/