Cybersecurity Detection Engineer

About Command|Link Command|Link is a global SaaS Platform providing network, voice services, and IT security solutions, helping corporations consolidate their core infrastructure into a single vendor and layering on a proprietary single pane of glass platform. Command|Link has revolutionized the IT industry by tackling the problems our competitors create. In recognition for our unprecedented innovation and dedication, Command|Link was recognized as the SD-WAN Product of the Year, ITSM Visionary Spotlight, UCaaS Product of the Year, NaaS Product of the Year, Supplier of the Year, and the AT&T Strategic Growth Partner. Command|Link has built the only IT platform for scale that solves ISP vendor sprawl and IT headaches. We make it easy for our customers to get more done, maximize uptime and improve the bottom line. Learn more about us here ! This is a 100% remote position! About your new role: We are seeking a highly skilled Cybersecurity Detection Engineer to join our growing security organization. In this role, you will develop, optimize, and operationalize threat detection capabilities that safeguard Command|Link’s infrastructure, data, and customers. You will be hands-on in creating detection logic, analyzing threat behavior, improving visibility across systems, and supporting investigations into sophisticated cyber threats. This role is critical in strengthening our defensive posture against malware, phishing campaigns, insider threats, cloud-based attacks, credential compromise, and other emerging risks. You will work closely with our SOC, engineering teams, and compliance teams to ensure our detection landscape remains accurate, scalable, and resilient. Key Responsibilities: Design, build, and refine high-fidelity detections across SIEM, XDR/EDR, network, and cloud platforms to identify malicious activity and anomalous behavior. Develop and maintain detection use cases, alert logic, rule tuning, dashboards, and automation workflows to improve SOC effectiveness. Conduct deep-dive investigations into escalated threats, including malware infections, privilege misuse, lateral movement, suspicious endpoint activity, and cloud-based attacks. Partner with SOC analysts to improve triage workflows, reduce false positives, and enhance detection accuracy. Analyze new threat behaviors and convert intelligence into actionable detection capabilities. Perform detection lifecycle management, including documentation, validation, QA testing, and periodic rule reviews. Support blue-team engineering initiatives, such as log onboarding, telemetry enrichment, and visibility gap analysis. Collaborate with compliance and security engineering teams to support security audits, including SOC 2, regulatory compliance, and internal governance requirements. Participate in security architecture planning and contribute to the design of scalable, resilient security solutions. Communicate complex technical threats and detection logic clearly to both technical and non-technical stakeholders Takes on additional responsibilities and projects as needed to support the success of the team and organization. What you'll need for success: 5+ years of experience in cybersecurity engineering, detection engineering, threat hunting, SOC analysis, or related defensive security roles. 2+ years of hands-on experience developing detection logic in SIEM, EDR, or cloud-native security tools (ex: Sentinel, Splunk, CrowdStrike, Carbon Black, Defender, Chronicle, Elastic). 2+ years of hands-on experience working on anomaly detection or AI threat engines. Proven experience analyzing attacker behavior, MITRE ATT&CK techniques, and common threat vectors. Strong understanding of malware behavior, endpoint telemetry, log sources, security controls, and network protocols. Ability to identify patterns, anomalies, and indicators across large and diverse data sets. Experience with scripting or automation (Python, PowerShell, or similar) is preferred. Familiari ... (truncated, view full listing at source)