Senior Threat Detection Engineer
Role Overview
- We are seeking a highly skilled and proactive Senior Threat Detection Engineer to join our cybersecurity team.
- This role is responsible for designing, developing, and continuously improving threat detection capabilities across the organization’s security monitoring platforms.
- The ideal candidate will have strong hands-on experience in SIEM engineering, detection logic development, and security monitoring tools such as EDR and NDR, with a particular preference for expertise in QRadar.
- You will play a critical role in strengthening the organization’s ability to detect, analyze, and respond to advanced cyber threats by building high-quality detection use cases, optimizing alerting mechanisms, and supporting threat hunting initiatives.
Key Responsibilities
1. SIEM Use Case Design & Implementation
- Design, develop, and deploy advanced detection use cases within the SIEM platform to identify potential security threats and anomalies.
- Translate threat intelligence, attack techniques, and business risks into actionable detection logic.
- Ensure use cases align with frameworks such as MITRE ATT&CK and industry best practices.
- Continuously review and enhance existing SIEM content to maintain effectiveness against evolving threats.
2. Correlation Searches & Alert Engineering
- Develop and maintain correlation rules, searches, and alerting logic to identify multi-stage attacks and complex threat scenarios.
- Create meaningful alert conditions that provide actionable insights to SOC analysts.
- Establish thresholds, baselines, and behavioral analytics to improve detection accuracy.
- Ensure alerts are properly enriched with contextual data to facilitate faster investigation and response.
3. Detection Engineering Across Security Tools (EDR, NDR, etc.)
- Build and tune detection use cases across endpoint and network monitoring tools such as EDR and NDR platforms.
- Integrate telemetry from multiple sources to enhance visibility and detection coverage.
- Collaborate with engineering teams to onboard new data sources into the SIEM and other monitoring tools.
- Optimize detection strategies across different layers (endpoint, network, application).
4. Alert Tuning & False Positive Reduction
- Continuously analyze and tune alerts to minimize false positives and reduce alert fatigue within the SOC.
- Conduct root cause analysis of noisy alerts and implement improvements to detection logic.
- Balance sensitivity and accuracy to ensure high-fidelity alerts without missing critical threats.
- Maintain documentation of tuning activities and improvements for audit and knowledge sharing.
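Sections 2 and 4 above describe the rule shape (a correlation across stages, with thresholds, baselines and enrichment) and the tuning loop only in the abstract. The block below is an added, illustrative example that is not part of this posting and not a QRadar rule: it parses constructed sample lines in a hypothetical sshd-style authentication log, correlates a burst of failed logins with a later successful login from the same source (the two-stage condition), tags the alert with ATT&CK T1110 and T1078, enriches it with a constructed asset tag, and exposes one tuning knob, an allowlist for an assumed authorized scanner address 198.51.100.10, that removes a known false positive without lowering the threshold. The thresholds, windows, hostnames, usernames and addresses are all assumptions chosen for illustration.

```python
"""Added detection-as-code example (not from the job posting): two-stage
correlation with tuning knobs, run over constructed sample auth log lines."""
import re
from collections import defaultdict, deque
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed sample telemetry in a hypothetical sshd-style format (assumption).
SAMPLE_LOGS = """\
2024-05-01T08:00:01Z srv01 sshd: Failed password for admin from 203.0.113.7
2024-05-01T08:00:10Z srv01 sshd: Failed password for admin from 203.0.113.7
2024-05-01T08:00:20Z srv01 sshd: Failed password for admin from 203.0.113.7
2024-05-01T08:00:30Z srv01 sshd: Failed password for admin from 203.0.113.7
2024-05-01T08:00:40Z srv01 sshd: Failed password for admin from 203.0.113.7
2024-05-01T08:00:50Z srv01 sshd: Failed password for admin from 203.0.113.7
2024-05-01T08:02:30Z srv01 sshd: Accepted password for admin from 203.0.113.7
2024-05-01T08:05:00Z srv02 sshd: Failed password for bob from 192.0.2.55
2024-05-01T08:05:20Z srv02 sshd: Failed password for bob from 192.0.2.55
2024-05-01T08:05:40Z srv02 sshd: Failed password for bob from 192.0.2.55
2024-05-01T08:06:00Z srv02 sshd: Accepted password for bob from 192.0.2.55
2024-05-01T08:10:00Z srv03 sshd: Failed password for root from 203.0.113.9
2024-05-01T08:10:15Z srv03 sshd: Failed password for root from 203.0.113.9
2024-05-01T08:10:30Z srv03 sshd: Failed password for root from 203.0.113.9
2024-05-01T08:10:45Z srv03 sshd: Failed password for root from 203.0.113.9
2024-05-01T08:11:00Z srv03 sshd: Failed password for root from 203.0.113.9
2024-05-01T08:21:00Z srv03 sshd: Accepted password for root from 203.0.113.9
2024-05-01T08:30:00Z srv01 sshd: Failed password for svc-scan from 198.51.100.10
2024-05-01T08:30:15Z srv01 sshd: Failed password for svc-scan from 198.51.100.10
2024-05-01T08:30:30Z srv01 sshd: Failed password for svc-scan from 198.51.100.10
2024-05-01T08:30:45Z srv01 sshd: Failed password for svc-scan from 198.51.100.10
2024-05-01T08:31:00Z srv01 sshd: Failed password for svc-scan from 198.51.100.10
2024-05-01T08:31:30Z srv01 sshd: Accepted password for svc-scan from 198.51.100.10
"""

LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd: (?P<outcome>Failed|Accepted) password for "
    r"(?P<user>\S+) from (?P<src>[\d.]+)$"
)

@dataclass(frozen=True)
class AuthEvent:
    ts: datetime
    host: str
    user: str
    src: str
    success: bool

def parse(lines):
    """Normalise raw lines into events; lines that do not match are dropped."""
    events = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if m:
            events.append(AuthEvent(datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
                                    m["host"], m["user"], m["src"], m["outcome"] == "Accepted"))
    return sorted(events, key=lambda e: e.ts)

def correlate(events, fail_threshold=5, fail_window=timedelta(minutes=2),
              success_window=timedelta(minutes=5), suppress_sources=frozenset(),
              asset_tags=None):
    """Stage 1: at least fail_threshold failures from one source inside fail_window.
    Stage 2: a successful login from that source within success_window of them.
    suppress_sources is the tuning allowlist; asset_tags is enrichment context."""
    asset_tags = asset_tags or {}
    recent = defaultdict(deque)  # src -> timestamps of failures still in scope
    alerts = []
    for e in events:
        if e.src in suppress_sources:  # tuning: known-benign source, never evaluated
            continue
        q = recent[e.src]
        while q and e.ts - q[0] > success_window:  # expire failures too old to matter
            q.popleft()
        if not e.success:
            q.append(e.ts)
            continue
        burst = len(q) >= fail_threshold and q[-1] - q[-fail_threshold] <= fail_window
        if burst:
            alerts.append({
                "rule": "Brute force followed by successful login",
                "attack": ["T1110", "T1078"],  # Brute Force, Valid Accounts
                "src": e.src, "user": e.user, "host": e.host,
                "asset_tag": asset_tags.get(e.host, "untagged"),  # enrichment
                "failures": len(q),
                "first_failure": q[0].isoformat(),
                "success_at": e.ts.isoformat(),
            })
        q.clear()  # a success closes the window; prevents duplicate alerts
    return alerts

KNOWN_SCANNERS = frozenset({"198.51.100.10"})  # assumed authorised vulnerability scanner
ASSET_TAGS = {"srv01": "jump-host", "srv03": "db"}  # constructed asset inventory

def run(tuned=True):
    """Untuned: raw rule. Tuned: same rule with the scanner allowlist applied."""
    events = parse(SAMPLE_LOGS.splitlines())
    return correlate(events, suppress_sources=KNOWN_SCANNERS if tuned else frozenset(),
                     asset_tags=ASSET_TAGS)

if __name__ == "__main__":
    for alert in run():
        print(alert)
```

Run as written, the untuned rule fires twice (the real attacker at 203.0.113.7 and the scanner at 198.51.100.10); the tuned rule fires once. The source at 192.0.2.55 stays below the threshold and 203.0.113.9 succeeds outside the success window, so neither alerts. Keeping the rule in code next to fixture logs like these means every threshold or allowlist change can be regression-tested and recorded, which is the documentation of tuning activity that section 4 asks for.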
5. Threat Hunting Support
- Collaborate with threat hunting teams to develop hypotheses and detection strategies based on emerging threats.
- Convert threat hunting findings into scalable detection use cases.
- Analyze logs and telemetry data to identify indicators of compromise (IOCs) and suspicious behavior.
- Support proactive threat detection initiatives to uncover hidden threats within the environment.
6. Platform Expertise & Optimization (QRadar Preferred)
- Leverage deep expertise in QRadar (or similar SIEM platforms) to build, optimize, and maintain detection content.
- Configure log sources, parsing rules, and event normalization within the SIEM.
- Monitor SIEM performance and ensure optimal system health and efficiency.
- Stay up to date with new features, updates, and best practices related to QRadar and other tools.
Requirements
- Minimum of 3 years of experience in cybersecurity, with a strong focus on threat detection engineering or SIEM administration.
- Proven experience designing and implementing SIEM detection use cases.
- Hands-on experience with SIEM platforms (QRadar strongly preferred).
- Experience working with EDR and/or NDR tools and building detection logic within these platforms.
- Strong understanding of security event logs, network traffic, and endpoint telemetry.
- Knowledge of cyber threat landscapes, attack techniques, and adversary behavior.
- Familiarity with frameworks such as MITRE ATT&CK, Cyber Kill Chain, or similar.
- Experience in alert tuning and reducing false positives in a SOC environment.
- Strong analytical and problem-solving skills.