Security Engineer, Detection Engineering - Saronic - San Diego, CA (+3 others)
Saronic
Saronic Technologies is a leader in revolutionizing defense autonomy at sea, dedicated to developing state-of-the-art solutions that enhance maritime operations for the Department of Defense (DoD) through autonomous and intelligent platforms.
Security at Saronic is a force multiplier. We're seeking a Security Engineer at the senior level or above on our Security Operations team with strong detection engineering experience. You'll design and develop high-fidelity detection content, build and operate the data pipelines that power our security operations, develop automation playbooks that accelerate response, and work across a uniquely diverse telemetry landscape spanning cloud infrastructure, embedded vessel platforms, corporate systems, and operational technology.
This role is heavily weighted toward detection engineering. You should think in terms of adversary behavior and telemetry coverage, not just alert triage. You'll own detections end-to-end: from identifying gaps in coverage, through designing and testing detection logic, to tuning and validating in production.
Key Responsibilities:
Design, build, test, and tune high-fidelity detection rules and analytic queries across endpoint, cloud, network, identity, and DLP telemetry sources
Develop and maintain detection content using detection-as-code practices including version-controlled logic, automated testing, and CI/CD deployment
Map detection coverage to MITRE ATT&CK, identify gaps, and prioritize new detection development based on threat intelligence and business risk
Engineer correlation rules, behavioral analytics, and anomaly-based detections that minimize false positives while surfacing real adversary tradecraft
Own the detection lifecycle from initial development through production tuning, performance monitoring, and retirement
Build and operate pipelines to ingest, normalize, enrich, and manage security telemetry at scale across diverse data sources, using Terraform and infrastructure-as