Home › Companies › Hunter Strategy › Detection Engineer
Detection Engineer
Hunter Strategy · Remote (United States), United States · Remote · Active · Rippling ATS
Job facts
| Field | Value |
|---|---|
| Company | Hunter Strategy |
| Title | Detection Engineer |
| Normalized title | - |
| Department / team | Federal Delivery |
| Location | United States |
| Work model | Remote / Remote |
| Employment type | Full Time |
| Salary | - |
| Status | active |
| ATS provider | Rippling ATS |
| Posted / first seen | 2026-06-04 / 2026-06-06 |
| Changed / last seen | 2026-06-06 / 2026-06-06 |
Related slices
| Page | What it contains | Open |
|---|---|---|
| Company jobs | Active postings from Hunter Strategy. | Open |
| Company breakdowns | Role, location, ATS, and work model facets for this company. | Open |
| ATS provider jobs | Active postings observed through Rippling ATS. | Open |
| Provider filtered search | The same provider as a filtered job collection. | Open |
| Department jobs | Active postings in Federal Delivery. | Open |
| Work model jobs | Active Remote postings. | Open |
| Lifecycle events | Open, update, close, and reopen events for this posting. | Open |
| Original posting | Canonical source or apply URL captured from the ATS. | Open |
Linked records
| Company | Hunter Strategy |
| Source | 81096030-246e-4bab-98e6-f648a5fa4020 |
| ATS provider | Rippling ATS |
Description
company
About Hunter Strategy
Hunter Strategy has a unique philosophy to technical project delivery. We treat all our customers like mission partners because they rely on our team to meet their objectives through complex software engineering, cloud operations, and cyber risk management solutions. Hunter Strategy was founded on the premise that IT is 21st century infrastructure - critically important but only instrumentally valuable. Accordingly, our teams look at problems with a single objective: the identification and enablement of the right capability to address the most vexing problems our Mission Partners face. We continue to support our partners' success by leveraging the right technology, with the right plan, and the right team to address tomorrow's challenges today.
role
Detection Engineer
Position Overview
The Detection Engineer is responsible for analyzing malware and adversary behavior, developing emulations, and creating detection logic to improve visibility and response across enterprise environments. This role supports detection engineering, threat hunting, and incident response by translating malware analysis and telemetry insights into actionable detections and high-quality technical reporting.
Responsibilities
· Perform static and dynamic malware analysis using tools such as Detect It Easy, System Informer, and API Monitor to build attack chains and support emulation development.
· Reverse engineer payloads and scripts to document execution behavior in detail.
· Write emulations in languages such as C++, PowerShell, C#, and others to emulate malware behavior identified during analysis.
· Develop detection logic based on emulations and malware analysis findings.
· Identify telemetry gaps in Sysmon, auditd, EDR, and other data sources to improve detection coverage.
· Produce high-quality technical reports with executive-level summaries of findings.
· Debug malware and emulations using tools such as x64dbg, WinDbg, or other debuggers.
· Analyze applications for vulnerabilities using reverse engineering and debugging tools.
· Correlate events across incidents and malware behaviors identified during malware analysis.
· Conduct hunt activities from a detection engineering perspective.
Educational Requirements / Qualifications
·Strong understanding of Splunk Search Processing Language (SPL).
·Proficiency in coding languages including C++, C#, Python, and Perl.
·Proficiency in scripting languages including PowerShell, JavaScript, and VBScript.
·Strong understanding of networking fundamentals.
·Strong understanding of Windows and Linux internals.
Full job record
| Job ID | 43d7fe9bb336e6d018d6e3a25c38145ca1fa4bde |
| Org ID | eba89bfd-e2fa-4ec9-ab7d-78cbbf6ebbe6 |
| Source ID | 81096030-246e-4bab-98e6-f648a5fa4020 |
| Board ID | 81096030-246e-4bab-98e6-f648a5fa4020 |
| Provider | rippling |
| Provider Job Key | 2e1e7132-44fc-4296-b8c4-203913f5e73d |
| Title | Detection Engineer |
| Normalized Title | — |
| Status | active |
| Active | yes |
| Location Text | Remote (United States), United States |
| Department | Federal Delivery |
| Team | — |
| Employment Type | full_time |
| Workplace Type | remote |
| Remote Policy | remote |
| Country | United States |
| Region | — |
| City | — |
| Salary Raw | — |
| Salary Min | — |
| Salary Max | — |
| Salary Currency | — |
| Salary Period | — |
| Source URL | https://ats.rippling.com/hunterstrategy/jobs/2e1e7132-44fc-4296-b8c4-203913f5e73d |
| Apply URL | https://ats.rippling.com/hunterstrategy/jobs/2e1e7132-44fc-4296-b8c4-203913f5e73d |
| First Seen At | 2026-06-06 08:44:45Z |
| Last Seen At | 2026-06-06 08:44:45Z |
| Last Checked At | 2026-06-06 08:44:45Z |
| Last Changed At | 2026-06-06 08:44:45Z |
| Inactive At | — |
| Source Posted At | 2026-06-04 19:12:01Z |
| Source Updated At | — |
| Raw Payload Uri | s3://job-postings-prod-raw-590183727216/raw/provider=rippling/board=hunterstrategy/date=2026-06-06/2026-06-06T08-44-44-729Z-0e99af0467381ec51dcc56f73c5ab9e72aaf6f7255c2c72b9c6786c2d89bba8a.json |
Event Fields
{
"content_hash": "e8ab9b416b73ae91220f2f0485a31dffd4abadd2a48c249ed9d87ea009c92f8e",
"source_hash": "ca525579971d1c6a822188bb0901722fa4a189394c3fd04ea9b4e5087de2145e",
"last_changed_at": "2026-06-06T08:44:45.376Z",
"active_status": "active"
}Parsed Structured
{
"language": "en-us",
"location": {
"raw": "Remote (United States), United States",
"city": null,
"region": null,
"country": "United States",
"is_remote": true,
"confidence": 0.98,
"workplace_type": "remote"
},
"salary_max": null,
"salary_min": null,
"inferred_at": "2026-06-06T08:44:45.361Z",
"launch_scope": {
"reason": "english_us_canada",
"included": true,
"language": "en-us",
"location": {
"raw": "Remote (United States), United States",
"city": null,
"region": null,
"country": "United States",
"is_remote": true,
"confidence": 0.98,
"workplace_type": "remote"
},
"countries": [
"United States"
]
},
"remote_policy": "remote",
"salary_period": null,
"workplace_type": "remote",
"salary_currency": null
}Extensions
{}Native Structured
{
"list_job": {
"id": "2e1e7132-44fc-4296-b8c4-203913f5e73d",
"url": "https://ats.rippling.com/hunterstrategy/jobs/2e1e7132-44fc-4296-b8c4-203913f5e73d",
"name": "Detection Engineer",
"language": "en-US",
"locations": [
{
"city": null,
"name": "Remote (United States)",
"state": null,
"country": "United States",
"stateCode": null,
"countryCode": "US",
"workplaceType": "REMOTE"
}
],
"department": {
"name": "Federal Delivery"
}
},
"detail_job": {
"url": "https://ats.rippling.com/hunterstrategy/jobs/2e1e7132-44fc-4296-b8c4-203913f5e73d",
"name": "Detection Engineer",
"uuid": "2e1e7132-44fc-4296-b8c4-203913f5e73d",
"board": {
"logo": {
"url": "https://prod-images.rippling.com/1e8d0b64b296693697b45520ae1bc957df30bdf2.png?Expires=1780821885&Signature=KVRvZEQi7ovPwMBCekuaLUlNIejJqkPUMHsosojKVaV6NTRRhnnvdhQ5FOkwTa46B3Ncu-2J9~dcHQi7J~vicKrTq-cwq4uObUnzaneLlfsZzCnFGoytFGhycEtlW9diiwpAqI01vE9clhL7u6EPSAPNjQwXnJk4lh9W2vatOxJf1utaVktMlvMHTZWx~DWxQu5YwuVOPQLTc441hLVa4OZFcWMhZl2VcK63S2gP5lm6B3gqX177KOt7WYh69IKCt85PbrdUe5M4Ur7DCpbESWK-XCkcXJFDTw84YD-pc8Gu2dFEyjvo6MUKLB8JDEdlrkfAth26rl8o30~afD6Imw__&Key-Pair-Id=K2Y26R2ZPP26PH",
"name": "HSLogo-Color-Standard (1).png",
"type": "image/png"
},
"slug": "hunterstrategy",
"title": "Hunter Strategy - Open Positions",
"banner": {
"url": null,
"name": "",
"type": ""
},
"boardURL": "https://ats.rippling.com/hunterstrategy/jobs",
"fontType": "ARIAL_SANS_SERIF",
"subtitle": null,
"boardType": "RIPPLING",
"linkColor": null,
"buttonColor": "#d8431a",
"legalNotice": null,
"buttonTextColor": "#ffffff",
"noOpeningsMessage": null,
"groupJobsByLocation": false,
"showBoardLogoOnJobPost": false,
"showCompanyInfoUnderJobPost": false
},
"createdOn": "2026-06-04T12:12:01.158000-07:00",
"department": {
"name": "Federal Delivery",
"base_department": "Federal Delivery",
"department_tree": [
"Federal Delivery"
]
},
"companyName": "Hunter Strategy",
"description": {
"role": "<meta><p style=\"font-family:"Basel Grotesk",Arial,sans-serif;font-size:11pt;font-weight:400;line-height:1.6;letter-spacing:0.25px;margin:4px 0px;padding:0px;\"><br></p><p style=\"font-family:"Basel Grotesk",Arial,sans-serif;font-size:11pt;font-weight:400;line-height:1.6;letter-spacing:0.25px;margin:4px 0px;padding:0px;\"><b><strong style=\"white-space:pre-wrap;\">Detection Engineer</strong></b></p><p style=\"font-family:"Basel Grotesk",Arial,sans-serif;font-size:11pt;font-weight:400;line-height:1.6;letter-spacing:0.25px;margin:4px 0px;padding:0px;\"><b><strong style=\"white-space:pre-wrap;\">Position Overview</strong></b></p><p style=\"font-family:"Basel Grotesk",Arial,sans-serif;font-size:11pt;font-weight:400;line-height:1.6;letter-spacing:0.25px;margin:4px 0px;padding:0px;\"><span style=\"white-space:pre-wrap;\">The Detection Engineer is responsible for analyzing malware and adversary behavior, developing emulations, and creating detection logic to improve visibility and response across enterprise environments. This role supports detection engineering, threat hunting, and incident response by translating malware analysis and telemetry insights into actionable detections and high-quality technical reporting.</span><br><br><b><strong style=\"white-space:pre-wrap;\">Responsibilities</strong></b></p><p style=\"font-family:"Basel Grotesk",Arial,sans-serif;font-size:11pt;font-weight:400;line-height:1.6;letter-spacing:0.25px;margin:4px 0px;padding:0px;\"><span style=\"font-size:10pt;white-space:pre-wrap;\">·</span><span style=\"white-space:pre-wrap;\">Perform static and dynamic malware analysis using tools such as Detect It Easy, System Informer, and API Monitor to build attack chains and support emulation development.</span></p><p style=\"font-family:"Basel Grotesk",Arial,sans-serif;font-size:11pt;font-weight:400;line-height:1.6;letter-spacing:0.25px;margin:4px 0px;padding:0px;\"><span style=\"font-size:10pt;white-space:pre-wrap;\">·</span><span style=\"white-space:pre-wrap;\">Reverse engineer payloads and scripts to document execution behavior in detail.</span></p><p style=\"font-family:"Basel Grotesk",Arial,sans-serif;font-size:11pt;font-weight:400;line-height:1.6;letter-spacing:0.25px;margin:4px 0px;padding:0px;\"><span style=\"font-size:10pt;white-space:pre-wrap;\">·</span><span style=\"white-space:pre-wrap;\">Write emulations in languages such as C++, PowerShell, C#, and others to emulate malware behavior identified during analysis.</span></p><p style=\"font-family:"Basel Grotesk",Arial,sans-serif;font-size:11pt;font-weight:400;line-height:1.6;letter-spacing:0.25px;margin:4px 0px;padding:0px;\"><span style=\"font-size:10pt;white-space:pre-wrap;\">·</span><span style=\"white-space:pre-wrap;\">Develop detection logic based on emulations and malware analysis findings.</span></p><p style=\"font-family:"Basel Grotesk",Arial,sans-serif;font-size:11pt;font-weight:400;line-height:1.6;letter-spacing:0.25px;margin:4px 0px;padding:0px;\"><span style=\"font-size:10pt;white-space:pre-wrap;\">·</span><span style=\"white-space:pre-wrap;\">Identify telemetry gaps in Sysmon, auditd, EDR, and other data sources to improve detection coverage.</span></p><p style=\"font-family:"Basel Grotesk",Arial,sans-serif;font-size:11pt;font-weight:400;line-height:1.6;letter-spacing:0.25px;margin:4px 0px;padding:0px;\"><span style=\"font-size:10pt;white-space:pre-wrap;\">·</span><span style=\"white-space:pre-wrap;\">Produce high-quality technical reports with executive-level summaries of findings.</span></p><p style=\"font-family:"Basel Grotesk",Arial,sans-serif;font-size:11pt;font-weight:400;line-height:1.6;letter-spacing:0.25px;margin:4px 0px;padding:0px;\"><span style=\"font-size:10pt;white-space:pre-wrap;\">·</span><span style=\"white-space:pre-wrap;\">Debug malware and emulations using tools such as x64dbg, WinDbg, or other debuggers.</span></p><p style=\"font-family:"Basel Grotesk",Arial,sans-serif;font-size:11pt;font-weight:400;line-height:1.6;letter-spacing:0.25px;margin:4px 0px;padding:0px;\"><span style=\"font-size:10pt;white-space:pre-wrap;\">·</span><span style=\"white-space:pre-wrap;\">Analyze applications for vulnerabilities using reverse engineering and debugging tools.</span></p><p style=\"font-family:"Basel Grotesk",Arial,sans-serif;font-size:11pt;font-weight:400;line-height:1.6;letter-spacing:0.25px;margin:4px 0px;padding:0px;\"><span style=\"font-size:10pt;white-space:pre-wrap;\">·</span><span style=\"white-space:pre-wrap;\">Correlate events across incidents and malware behaviors identified during malware analysis.</span></p><p style=\"font-family:"Basel Grotesk",Arial,sans-serif;font-size:11pt;font-weight:400;line-height:1.6;letter-spacing:0.25px;margin:4px 0px;padding:0px;\"><span style=\"font-size:10pt;white-space:pre-wrap;\">·</span><span style=\"white-space:pre-wrap;\">Conduct hunt activities from a detection engineering perspective.</span><br><br><b><strong style=\"white-space:pre-wrap;\">Educational Requirements / Qualifications</strong></b></p><p style=\"font-family:"Basel Grotesk",Arial,sans-serif;font-size:11pt;font-weight:400;line-height:1.6;letter-spacing:0.25px;margin:4px 0px;padding:0px;\"><span style=\"white-space:pre-wrap;\">·Strong understanding of Splunk Search Processing Language (SPL).</span></p><p style=\"font-family:"Basel Grotesk",Arial,sans-serif;font-size:11pt;font-weight:400;line-height:1.6;letter-spacing:0.25px;margin:4px 0px;padding:0px;\"><span style=\"white-space:pre-wrap;\">·Proficiency in coding languages including C++, C#, Python, and Perl.</span></p><p style=\"font-family:"Basel Grotesk",Arial,sans-serif;font-size:11pt;font-weight:400;line-height:1.6;letter-spacing:0.25px;margin:4px 0px;padding:0px;\"><span style=\"white-space:pre-wrap;\">·Proficiency in scripting languages including PowerShell, JavaScript, and VBScript.</span></p><p style=\"font-family:"Basel Grotesk",Arial,sans-serif;font-size:11pt;font-weight:400;line-height:1.6;letter-spacing:0.25px;margin:4px 0px;padding:0px;\"><span style=\"white-space:pre-wrap;\">·Strong understanding of networking fundamentals.</span></p><p style=\"font-family:"Basel Grotesk",Arial,sans-serif;font-size:11pt;font-weight:400;line-height:1.6;letter-spacing:0.25px;margin:4px 0px;padding:0px;\"><span style=\"white-space:pre-wrap;\">·Strong understanding of Windows and Linux internals.</span></p>",
"company": "<meta><p style=\"font-family:"Basel Grotesk",Arial,sans-serif;font-size:11pt;font-weight:400;line-height:1.6;letter-spacing:0.25px;margin:4px 0px;padding:0px;\"><b><strong style=\"font-size:18pt;white-space:pre-wrap;\">About Hunter Strategy</strong></b></p><p style=\"font-family:"Basel Grotesk",Arial,sans-serif;font-size:11pt;font-weight:400;line-height:1.6;letter-spacing:0.25px;margin:4px 0px;padding:0px;\"><span style=\"font-size:10.5pt;white-space:pre-wrap;\">Hunter Strategy has a unique philosophy to technical project delivery. We treat all our customers like mission partners because they rely on our team to meet their objectives through complex software engineering, cloud operations, and cyber risk management solutions. Hunter Strategy was founded on the premise that IT is 21st century infrastructure - critically important but only instrumentally valuable. Accordingly, our teams look at problems with a single objective: the identification and enablement of the right capability to address the most vexing problems our Mission Partners face. We continue to support our partners' success by leveraging the right technology, with the right plan, and the right team to address tomorrow's challenges today.</span></p>"
},
"workLocations": [
"Remote (United States)"
],
"employmentType": {
"id": "Salaried, full-time",
"label": "SALARIED_FT"
},
"payRangeDetails": [],
"activeJobApplication": {
"basicQuestions": [
{
"oid": "first_name",
"title": "First name",
"required": true,
"fieldType": "SHORT_ANSWER"
},
{
"oid": "last_name",
"title": "Last name",
"required": true,
"fieldType": "SHORT_ANSWER"
},
{
"oid": "email",
"title": "Email",
"required": true,
"fieldType": "SHORT_ANSWER"
},
{
"oid": "pronouns",
"title": "Pronouns",
"required": false,
"fieldType": "PRONOUN"
},
{
"oid": "current_company",
"title": "Current company",
"required": false,
"fieldType": "SHORT_ANSWER"
},
{
"oid": "phone_number",
"title": "Phone number",
"required": true,
"fieldType": "PHONE_NUMBER"
},
{
"oid": "location",
"title": "Location (city only)",
"required": true,
"fieldType": "SHORT_ANSWER"
},
{
"oid": "resume",
"title": "Resume",
"required": true,
"fieldType": "FILE"
},
{
"oid": "cover_letter",
"title": "Cover letter",
"required": false,
"fieldType": "FILE"
}
],
"customQuestions": null,
"additionalQuestions": null
},
"hasAIEvaluationsEnabled": true,
"eeocQuestionnaireEnabled": true,
"applicationConfirmationTemplate": "655657904e4dc6fcad76e6a4",
"eeocQuestionnaireEnabledForJobPost": true
},
"detail_meta": {
"url": "https://ats.rippling.com/api/v2/board/hunterstrategy/jobs/2e1e7132-44fc-4296-b8c4-203913f5e73d",
"http_status": 200,
"content_type": "application/json",
"response_bytes": 10377
},
"detail_errors": []
}Get this page with API
Rendered from the bluedoor Job Postings API. Reproduce it:
GET https://api.bluedoor.sh/job-postings/v1/jobs/43d7fe9bb336e6d018d6e3a25c38145ca1fa4bde?include=descriptionJSONGET https://api.bluedoor.sh/job-postings/v1/orgs/eba89bfd-e2fa-4ec9-ab7d-78cbbf6ebbe6JSONGET https://api.bluedoor.sh/job-postings/v1/sources/81096030-246e-4bab-98e6-f648a5fa4020JSONGET https://api.bluedoor.sh/job-postings/v1/jobs/43d7fe9bb336e6d018d6e3a25c38145ca1fa4bde/eventsJSON