Job Description

Northwest Partners is engaged in a strategic initiative with a well-established technology organization and seeks an experienced Threat Detection Engineer to lead the design and deployment of advanced detection strategies. This role requires deep hands-on expertise in detection engineering and orchestration across multiple platforms.

What YOU will do
design, develop, and maintain high-fidelity detections across Splunk, Snowflake, and related platforms
author SPL-based detections and SQL-based queries for threat detection and hunting
design and optimize queries in Snowflake, and configure Snowpipe for real-time and batch data ingestion
collaborate with data engineering teams to ensure schema and pipelines support scalable detection use cases
manage future-state integrations with Cribl/Databahn for telemetry routing, enrichment, and cost-optimized data flow
administer and optimize Splunk and Snowflake environments for performance and scalability
map detections to the MITRE ATT&CK framework for comprehensive threat coverage
manage full detection lifecycle in Anvilogic including creation, testing, deployment, tuning, and retirement
orchestrate detection deployments across platforms using Anvilogic
apply Anvilogic coverage analytics to identify gaps and validate detection against frameworks
collaborate with SOC and IR teams to streamline workflows and minimize false positives
ensure compliance with security regulations including PCI-DSS, HIPAA, SOX, and GLBA
work cross-functionally with engineering and security teams to strengthen visibility and response

What YOU will bring us
5+ years of experience in detection or threat engineering
expertise in authoring detections using Splunk SPL and SQL across various platforms
hands-on experience with Snowflake and Snowpipe pipeline configuration
proven administration capabilities in Splunk and Snowflake
working knowledge of detection frameworks like MITRE ATT&CK
demonstrated experience with Anvilogic including detection-as-code and platform orchestration
familiarity with Cribl or Databahn for log transformation and observability pipelines
experience engineering in highly regulated environments
relevant certifications such as Splunk Certified Architect, SnowPro, or GIAC (GCDA, GCED)
ability to translate threat modeling into actionable detections
strong collaboration and communication skills across SOC, IR, and engineering teams
mindset focused on automation and detection scalability using modern toolsets

Benefits Include:
Health Insurance, Vision Insurance, Dental Insurance, Short term Disability, Long-term Disability, Life Insurance, Education Benefits and more.

About Northwest Partners
Northwest Partners is an equal opportunity employer. At Northwest Partners we are dedicated to moving at the speed of innovation. We work with clients across the globe to provide exceptional knowledge, talent, and resources. As a trusted partner, we merge the client's vision with our expertise to deliver powerful results. Northwest Partners is known for building and managing elite teams in technology across diverse industries. Our mission is to empower every talent and every client to achieve more.

Job Tags

Similar Jobs