Home › Companies › Uvcyber › Cyber Threat Detection & Response Engineer
Cyber Threat Detection & Response Engineer
Uvcyber · Remote · Remote · Deleted · $100,000–$120,000 / year · Lever
Job facts
| Field | Value |
|---|---|
| Company | Uvcyber |
| Title | Cyber Threat Detection & Response Engineer |
| Normalized title | - |
| Department / team | Commercial / MDR |
| Location | United States |
| Work model | Remote / Remote |
| Employment type | Full Time |
| Salary | $100,000–$120,000 / year |
| Status | deleted |
| ATS provider | Lever |
| Posted / first seen | 2026-04-08 / 2026-05-29 |
| Changed / last seen | 2026-06-17 / 2026-06-15 |
Related slices
| Page | What it contains | Open |
|---|---|---|
| Company jobs | Active postings from Uvcyber. | Open |
| Company breakdowns | Role, location, ATS, and work model facets for this company. | Open |
| ATS provider jobs | Active postings observed through Lever. | Open |
| Provider filtered search | The same provider as a filtered job collection. | Open |
| Department jobs | Active postings in Commercial. | Open |
| Work model jobs | Active Remote postings. | Open |
| Lifecycle events | Open, update, close, and reopen events for this posting. | Open |
| Original posting | Canonical source or apply URL captured from the ATS. | Open |
Linked records
| Company | Uvcyber |
| Source | 92f24395-ca54-430f-b131-cf4250cabae9 |
| ATS provider | Lever |
Description
Make a difference here.
UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams.
By creating continuously optimized identification, detection, and resilience from today’s dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India.
UltraViolet Cyber is seeking a Cyber Threat Detection & Response Engineer to join the Threat Intelligence & Detection Engineering (TIDE) team. Your primary responsibilities will be performing threat hunts to identify, investigate, and respond to cyber threats in our customer environments, and creating intelligence-based threat detections to defend our customers against modern cyber threats. This role requires you to lean on deep technical expertise, advanced analytic skillsets, and knowledge of adversarial tactics, techniques, and procedures (TTPs) to help stop threat actors from compromising our customers. The ideal candidate will be open to engaging with internal account teams and customers to help strengthen their security posture, identify weaknesses, report on findings, and report on detection strategies.
UltraViolet Cyber maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect our company's differing products, services, industries and lines of business. Candidates are typically placed into the range based on the preceding factors.
We sincerely thank all applicants in advance for submitting their interest in this position. We know your time is valuable.
UltraViolet Cyber welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, gender identity, disability, or veteran status.
If you want to make an impact, UltraViolet Cyber is the place for you!
What You'll Do:
Proactively hunt for hidden threats across endpoints, networks, cloud, and applications.
Proactively create detection rules to alert SOC analysts of intrusions against customer networks.
Assist with tuning and enhancing existing detection rules to better defend against evolving threats.
Develop and execute hypotheses-driven threat hunting campaigns using security data and intelligence.
Analyze large volumes of log, endpoint, and network data to uncover anomalous or malicious activity.
Research and track adversary TTPs and leverage frameworks such as MITRE ATT&CK.
Collaborate with Detection Engineering to refine detection rules, signatures, and playbooks to improve threat detection.
Collaborate with Incident Response and SOC teams to investigate and contain security incidents.
Provide technical mentorship to junior threat hunters and SOC analysts.
Partner with Threat Intelligence to operationalize indicators and adversary insights.
Contribute to continuous improvement of detection engineering and hunting methodologies.
Regularly engage with internal account teams and customers to help strengthen their security posture, identify weaknesses, report on findings, and report on detection strategies.
Provide technical insight to internal account teams and customers as needed.
What You've Done:
U.S. citizenship is required
4+ years of experience in cybersecurity, with at least 2 years focused on threat hunting or detection engineering.
History of independently building custom behavior-based and/or threshold-based detections in customer environments from scratch.
Experience building detections in SentinelOne, Elastic, or CrowdStrike platforms.
Capable of independently identifying and tuning flaws in existing detections to reduce noise.
Experience independently building and performing hypothesis-driven threat hunts in customer environments.
Capable of clearly and concisely reporting findings from threat hunts.
History of meeting with customers to explain detections and threat hunt findings to senior leadership teams.
Experience working with and mapping detections to the MITRE ATT&CK framework.
Background knowledge in the cyber threat landscape, including threat actors, malware, and evolving TTPs.
Experience working with cyber threat intelligence analysts/teams to identify new detection opportunities.
Proficiency with SIEMs, EDR/XDR platforms, and log analysis tools.
Experience with scripting languages (Python, PowerShell, etc.) for scripting purposes.
Enjoy working in a team environment.
Willingness to learn from more senior team members while mentoring junior team members.
Preferred Qualifications:
Experience with pentesting or red teaming.
Experience with reverse engineering.
GIAC Threat Hunting (GCTH), Certified Enterprise Defender (GCED), or Certified Intrusion Analyst (GCIA) certification(s)
What We Offer:
401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed
Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)
Group Term Life, Short-Term Disability, Long-Term Disability
Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness
Participation in the Discretionary Time Off (DTO) Program
11 Paid Holidays Annually
Full job record
| Job ID | 2d37ac4344d349f88d46f6934345544b7391bc70 |
| Org ID | cf194943-fc15-4784-bd6e-8bce0f1d1a43 |
| Source ID | 92f24395-ca54-430f-b131-cf4250cabae9 |
| Board ID | 92f24395-ca54-430f-b131-cf4250cabae9 |
| Provider | lever |
| Provider Job Key | f4b9ab40-1d3f-4c24-a173-7e5f19c116e2 |
| Title | Cyber Threat Detection & Response Engineer |
| Normalized Title | — |
| Status | deleted |
| Active | no |
| Location Text | Remote |
| Department | Commercial |
| Team | MDR |
| Employment Type | Full-Time |
| Workplace Type | remote |
| Remote Policy | remote |
| Country | United States |
| Region | — |
| City | — |
| Salary Raw | USD 100000-120000 per-year-salary |
| Salary Min | 100,000 |
| Salary Max | 120,000 |
| Salary Currency | USD |
| Salary Period | year |
| Source URL | https://jobs.lever.co/uvcyber/f4b9ab40-1d3f-4c24-a173-7e5f19c116e2 |
| Apply URL | https://jobs.lever.co/uvcyber/f4b9ab40-1d3f-4c24-a173-7e5f19c116e2/apply |
| First Seen At | 2026-05-29 07:03:38Z |
| Last Seen At | 2026-06-15 07:56:38Z |
| Last Checked At | 2026-06-17 07:56:43Z |
| Last Changed At | 2026-06-17 07:56:43Z |
| Inactive At | 2026-06-17 07:56:43Z |
| Source Posted At | 2026-04-08 20:54:35Z |
| Source Updated At | — |
| Raw Payload Uri | s3://job-postings-prod-raw-590183727216/raw/provider=lever/board=uvcyber/date=2026-06-15/2026-06-15T07-56-37-480Z-ac127deb8f1f1040c966b07a47602080a1942d9b39e9fb4f5c00b3f8268f31fe.json |
Event Fields
{
"content_hash": "05f3c59c42e1c49d775f6fc070e47092f635933ee13c1a884b4137cd78192ddd",
"source_hash": "94133032140a296de4600eb1d569aabdf1773fccd3179eafbf738c6acb445c08",
"last_changed_at": "2026-06-17T07:56:43.101Z",
"active_status": "deleted"
}Parsed Structured
{
"language": "en",
"location": {
"raw": "Remote",
"city": null,
"region": null,
"country": "United States",
"is_remote": true,
"confidence": 0.9
},
"salary_max": 120000,
"salary_min": 100000,
"inferred_at": "2026-06-15T07:56:38.064Z",
"launch_scope": {
"reason": "english_us_canada",
"included": true,
"language": "en",
"location": {
"raw": "Remote",
"city": null,
"region": null,
"country": "United States",
"is_remote": true,
"confidence": 0.9
},
"countries": [
"United States"
]
},
"remote_policy": "remote",
"salary_period": "year",
"workplace_type": "remote",
"salary_currency": "USD"
}Extensions
{}Native Structured
{
"lists": [
{
"text": "What You'll Do:",
"content": "<div>\n<ul style=\"margin-top: 0in; margin-bottom: 0in;\">\n<li style=\"margin: 0in 0in 0in 0px; line-height: normal; font-size: 12pt; font-family: Aptos, sans-serif;\">\n<p>Proactively hunt for hidden threats across endpoints, networks, cloud, and applications.<span style=\"font-family: 'MS Gothic';\">
</span></p>\n</li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: normal; font-size: 12pt; font-family: Aptos, sans-serif;\">\n<p>Proactively create detection rules to alert SOC analysts of intrusions against customer networks.</p>\n</li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: normal; font-size: 12pt; font-family: Aptos, sans-serif;\">\n<p>Assist with tuning and enhancing existing detection rules to better defend against evolving threats.</p>\n</li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: normal; font-size: 12pt; font-family: Aptos, sans-serif;\">\n<p>Develop and execute hypotheses-driven threat hunting campaigns using security data and intelligence.<span style=\"font-family: 'MS Gothic';\">
</span></p>\n</li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: normal; font-size: 12pt; font-family: Aptos, sans-serif;\">\n<p>Analyze large volumes of log, endpoint, and network data to uncover anomalous or malicious activity.<span style=\"font-family: 'MS Gothic';\">
</span></p>\n</li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: normal; font-size: 12pt; font-family: Aptos, sans-serif;\">\n<p>Research and track adversary TTPs and leverage frameworks such as MITRE ATT&CK.</p>\n</li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: normal; font-size: 12pt; font-family: Aptos, sans-serif;\">\n<p>Collaborate with Detection Engineering to refine detection rules, signatures, and playbooks to improve threat detection.<span style=\"font-family: 'MS Gothic';\">
</span></p>\n</li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: normal; font-size: 12pt; font-family: Aptos, sans-serif;\">\n<p>Collaborate with Incident Response and SOC teams to investigate and contain security incidents.<span style=\"font-family: 'MS Gothic';\">
</span></p>\n</li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: normal; font-size: 12pt; font-family: Aptos, sans-serif;\">\n<p>Provide technical mentorship to junior threat hunters and SOC analysts.<span style=\"font-family: 'MS Gothic';\">
</span>Partner with Threat Intelligence to operationalize indicators and adversary insights.</p>\n</li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: normal; font-size: 12pt; font-family: Aptos, sans-serif;\">\n<p>Contribute to continuous improvement of detection engineering and hunting methodologies.</p>\n</li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: normal; font-size: 12pt; font-family: Aptos, sans-serif;\">\n<p>Regularly engage with internal account teams and customers to help strengthen their security posture, identify weaknesses, report on findings, and report on detection strategies.</p>\n</li>\n<li style=\"margin: 0in 0in 0in 0px; line-height: normal; font-size: 12pt; font-family: Aptos, sans-serif;\">\n<p>Provide technical insight to internal account teams and customers as needed.</p>\n</li>\n\n</ul></div>"
},
{
"text": "What You've Done:",
"content": "<ul style=\"margin-top: 0in; margin-bottom: 0in;\">\n<li>\n<p>U.S. citizenship is required</p>\n</li>\n<li>\n<p>4+ years of experience in cybersecurity, with at least 2 years focused on threat hunting or detection engineering.</p>\n</li>\n<li>\n<p>History of independently building custom behavior-based and/or threshold-based detections in customer environments from scratch.</p>\n</li>\n<li>\n<p>Experience building detections in SentinelOne, Elastic, or CrowdStrike platforms.</p>\n</li>\n<li>\n<p>Capable of independently identifying and tuning flaws in existing detections to reduce noise.</p>\n</li>\n<li>\n<p>Experience independently building and performing hypothesis-driven threat hunts in customer environments.</p>\n</li>\n<li>\n<p>Capable of clearly and concisely reporting findings from threat hunts.</p>\n</li>\n<li>\n<p>History of meeting with customers to explain detections and threat hunt findings to senior leadership teams.</p>\n</li>\n<li>\n<p>Experience working with and mapping detections to the MITRE ATT&CK framework.</p>\n</li>\n<li>\n<p>Background knowledge in the cyber threat landscape, including threat actors, malware, and evolving TTPs.</p>\n</li>\n<li>\n<p>Experience working with cyber threat intelligence analysts/teams to identify new detection opportunities.</p>\n</li>\n<li>\n<p>Proficiency with SIEMs, EDR/XDR platforms, and log analysis tools.</p>\n</li>\n<li>\n<p>Experience with scripting languages (Python, PowerShell, etc.) for scripting purposes.</p>\n</li>\n<li>\n<p>Enjoy working in a team environment.</p>\n</li>\n<li>\n<p>Willingness to learn from more senior team members while mentoring junior team members.</p>\n</li>\n</ul>"
},
{
"text": "Preferred Qualifications:",
"content": "<div>\n\n<li>Experience with pentesting or red teaming.</li>\n<li>Experience with reverse engineering.</li>\n<li>GIAC Threat Hunting (GCTH), Certified Enterprise Defender (GCED), or Certified Intrusion Analyst (GCIA) certification(s)</li>\n\n</div>"
},
{
"text": "What We Offer:",
"content": "<div>\n\n<li>401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed </li>\n<li>Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment) </li>\n<li>Group Term Life, Short-Term Disability, Long-Term Disability </li>\n<li>Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness </li>\n<li>Participation in the Discretionary Time Off (DTO) Program </li>\n<li>11 Paid Holidays Annually </li>\n\n</div>"
}
],
"country": "US",
"createdAt": 1775681675512,
"updatedAt": null,
"categories": {
"team": "MDR",
"location": "Remote",
"commitment": "Full-Time",
"department": "Commercial",
"allLocations": [
"Remote"
]
},
"salaryRange": {
"max": 120000,
"min": 100000,
"currency": "USD",
"interval": "per-year-salary"
},
"workplaceType": "remote"
}Get this page with API
Rendered from the bluedoor Job Postings API. Reproduce it:
GET https://api.bluedoor.sh/job-postings/v1/jobs/2d37ac4344d349f88d46f6934345544b7391bc70?include=descriptionJSONGET https://api.bluedoor.sh/job-postings/v1/orgs/cf194943-fc15-4784-bd6e-8bce0f1d1a43JSONGET https://api.bluedoor.sh/job-postings/v1/sources/92f24395-ca54-430f-b131-cf4250cabae9JSONGET https://api.bluedoor.sh/job-postings/v1/jobs/2d37ac4344d349f88d46f6934345544b7391bc70/eventsJSON