Security Detection Engineer

About Concordant

Concordant LLC delivers mission-critical technology, cybersecurity, and consulting services to government and enterprise clients. Our teams support large-scale modernization and security initiatives that strengthen operational resilience, improve threat visibility, and enable secure service delivery across complex environments.

We are seeking an experienced Security Detection Engineer – Consultant to support a state government client in advancing its cybersecurity detection and response capabilities.

This role supports a statewide security modernization effort focused on improving centralized monitoring, expanding detection coverage, and enhancing threat response across multiple state agencies.

Position Overview

The Security Detection Engineer will be responsible for developing, tuning, and maintaining security detection rules and analytics within the client’s SIEM and SOAR environment.

This role works closely with SOC analysts, threat hunters, engineers, and agency stakeholders to identify detection gaps, improve alert fidelity, and enhance overall security visibility across the enterprise.

This position may be onsite in Columbia, SC with potential for hybrid or fully remote work depending on candidate fit and program needs.

Responsibilities

• Review, tune, and maintain detection rules within the state SIEM environment
• Identify detection coverage gaps through analysis of logs, telemetry, and threat intelligence
• Develop and implement new detection rules and use cases
• Collaborate with SOC analysts to improve alert quality and reduce false positives
• Work with threat hunting teams to identify emerging threats and detection opportunities
• Monitor threat intelligence feeds and translate findings into actionable detections
• Support SOAR workflows, integrations, and automation improvements
• Document detection logic, runbooks, and operational procedures
• Create dashboards, metrics, and reporting for detection coverage and performance
• Coordinate with engineers, SOC teams, and agency stakeholders across multiple agencies
• Support continuous improvement of detection engineering practices and standards

Required Qualifications

• 5+ years of experience supporting large IT or cybersecurity environments
• 5+ years of experience with scripting and automation (Python, PowerShell, Bash, or similar)
• Strong experience with SIEM environments and detection rule development
• Experience with Sigma, YARA, or similar detection languages
• Strong understanding of the MITRE ATT&CK framework
• Experience working in enterprise or multi-tenant environments
• Strong communication skills and ability to support agency-facing collaboration
• Experience working in security operations or detection engineering roles

Preferred Qualifications

• Experience with Palo Alto Cortex XSIAM or similar modern SIEM platforms
• Experience in threat hunting or security analytics engineering
• Deep understanding of Windows and Linux system artifacts
• Experience supporting large-scale enterprise or multi-agency environments
• Security certifications such as CISSP, CISA, CEH, OSCP, or GPEN

Education

• Bachelor’s degree in Cybersecurity, Information Technology, or related field
• OR
• 8+ years of equivalent professional cybersecurity experienceWork Location
• Columbia, South Carolina (Onsite preferred)
• Hybrid or Remote possible depending on candidate qualifications and program requirements
• Full-time consulting engagement
• 12-month duration with potential for extension

Pre-Employment Requirements

Employment is contingent upon successful completion of:

• Criminal background check
• Drug screening
• Driving record check
• Credit check
• E-Verify verification
• SLED security screening
• Confidentiality agreement

Why Join Concordant?

• Support a statewide cybersecurity modernization initiative
• Work alongside SOC, engineering, and threat hunting teams
• Contribute to improving detection capability across multiple agencies
• Gain exposure to modern SIEM and detection engineering platforms
• High-impact role in a mission-critical security program

Concordant LLC is an Equal Opportunity Employer.

Pay: Up to $124,800.00 per year

Application Question(s):

• Will you now or in the future require sponsorship for employment?
• What is your current physical mailing address? (SBA HUBZone check)
• Do you have any relevant certifications?

Education:

• Bachelor's (Preferred)

Experience:

• supporting large IT environments: 5 years (Required)
• scripting/automation (python, bash, powershell): 5 years (Required)
• understanding Sigma, Yara, or other detection languages: 1 year (Required)
• MITRE ATT&CK framework understanding: 1 year (Required)

Work Location: Hybrid remote in Columbia, SC 29201