THREAT DETECTION ENGINEER
Corus Group, LLC

Atlanta, Georgia


Remote - USA

Role Overview
We are seeking a Senior Cybersecurity Engineer with deep expertise in modern, cloud-first enterprise security environments and exceptional interpersonal skills. This role requires a technically strong security engineer who can also communicate clearly, professionally, and confidently with stakeholders at all levels, bringing a customer-service mindset to everything they do.

The ideal candidate has a Bachelor's Degree, 7+ years of enterprise cybersecurity experience, extensive hands-on knowledge of the Microsoft security ecosystem, and a strong understanding of cybersecurity across all domains, operating in complex, fast-paced environments.

Key Responsibilities:
Security Engineering & Operations

  • Design, implement, and continuously improve security controls across cloud and SaaS environments.
  • Act as a senior technical escalation point for security incidents, investigations, and complex security issues.
  • Partner with SOC and incident response providers to ensure effective detection, response, and remediation.
  • Lead root-cause analysis and drive continuous improvement following security events.
  • Deliver security solutions with a customer-first mindset, ensuring stakeholders feel supported, informed, and confident.
Microsoft Security Stack
  • Architect, deploy, and operate security solutions across the Microsoft 365 ecosystem, including:
    • Entra ID (Azure AD), Conditional Access, Identity Protection
    • Microsoft Defender for Endpoint, Identity, Cloud Apps, and Office 365
  • Build, tune, and optimize Microsoft Sentinel SIEM, including:
    • Data connectors and ingestion
    • Analytics rules, KQL queries, workbooks, and automation
    • Threat hunting and detection engineering
Endpoint, Network & Cloud Security
  • Administer and optimize CrowdStrike Falcon for endpoint protection, EDR, and threat hunting.
  • Implement and manage Zscaler (ZIA/ZPA) to support Zero Trust access and secure connectivity.
  • Demonstrate a strong understanding of enterprise networking concepts and topology, including:
    • Cloud networking
    • Secure access architectures
    • Traffic inspection and segmentation
  • Ensure security best practices are embedded across all cloud and SaaS platforms.
Governance, Risk & Best Practices
  • Apply and enforce security best practices across all cybersecurity domains, including:
    • Identity & Access Management
    • Cloud & SaaS Security
    • Endpoint Security
    • Network Security
    • Data Protection
    • Security Monitoring & Incident Response
    • Vulnerability & Risk Management
  • Support audits, risk assessments, and compliance initiatives.
  • Contribute to security policies, standards, procedures, and technical documentation.
Communication & Stakeholder Engagement
  • Communicate security risks, incidents, and recommendations clearly, professionally, and confidently to technical and non-technical stakeholders.
  • Deliver exceptional customer service to internal teams, leadership, and partners.
  • Build trusted relationships across IT, cloud, and business teams.
  • Mentor junior team members and raise the overall security maturity of the organization.

Required Qualifications
  • Bachelor's Degree and 7+ years of enterprise cybersecurity experience
  • Strong hands-on expertise in:
    • Microsoft 365 security stack
    • Microsoft Sentinel SIEM
    • CrowdStrike Falcon
    • Zscaler (ZIA/ZPA)
  • Solid understanding of enterprise networking topology and cloud networking concepts
  • Experience working with MSSPs, SOCs, and incident response retainers
  • Threat hunting and detection engineering experience
  • Broad, practical knowledge across all major cybersecurity domains
  • Proven experience in incident response and security investigations
  • Exceptional written and verbal communication skills
  • Outstanding customer service mindset, with the ability to engage professionally under pressure

Certifications
  • CISSP (preferred) or actively studying for CISSP
  • Microsoft Security certifications, a plus
  • CCSP, Azure Security Engineer, GIAC, or equivalent, a plus

Nice to Have
  • Automation or scripting skills (KQL, PowerShell, Python)
  • Experience operating in high-growth, high-expectation enterprise environments


