Lead, Detection Engineer - Cyber Defense & Response
Prudential Financial · Newark, NJ · 2 wk ago
Information Technology$124k–$204k/yrFull-time
About the role
The Global Technology team at Prudential is dedicated to enabling the organization with innovation, speed, agility, scalability, and efficiency. As a Lead Detection Engineer within the Cyber Defense and Response organization, you will drive the strategic evolution of the enterprise's cyber threat detection capabilities.
Responsibilities
- Lead the design and implementation of enterprise-scale cyber threat detection capabilities across diverse technologies, ensuring accuracy, resilience, and alignment with risk priorities.
- Drive advanced research into adversarial TTPs, guiding the team in creating innovative and proactive detection methodologies across varied cloud & on-prem platforms.
- Partner strategically with Cyber Threat Intelligence to prioritize, shape, and operationalize intelligence into high-impact, sustainable detection coverage.
- Collaborate with Cyber Threat Hunting to transform successful hunts into automated, scalable detections and long-term detection hypotheses.
- Architect and oversee development of detection engineering automations, frameworks, and reusable tooling to accelerate team velocity and maturity.
- Identify, influence, and implement detection engineering tooling, infrastructure, and data visibility improvements across the enterprise.
- Provide authoritative insight on detection and visibility gaps, driving remediation efforts with platform owners, security architects, and engineering teams.
- Lead cross-functional initiatives to establish security requirements, uplift telemetry coverage, and strengthen detection and response capabilities.
- Coach, mentor, and elevate team members, fostering technical excellence, analytical rigor, and innovative thinking.
- Champion emerging technologies and best practices, embedding continuous improvement and modern engineering approaches into day-to-day operations.
Requirements
All Specialist-level capabilities plus elevated expectations in leadership, strategy, and influence:
- Extensive experience in detection engineering, incident response, threat hunting, or similar security operations roles, with a proven ability to lead complex technical initiatives.
- Expert understanding of Risked based alerting strategies and detection methodologies, capable of designing enterprise-wide detection models and influencing risk scoring frameworks.
- Deep knowledge of large enterprise architectures, including networks, operating systems (Windows, macOS, Linux), cloud ecosystems, and modern telemetry pipelines.
- Advanced proficiency in Splunk Enterprise Security (ES) and its architecture, including correlation searches, risk frameworks, data models, and performance optimization.
- Advanced experience with SPL and KQL, including designing scalable, optimized, and maintainable detection libraries.
- Strong familiarity with SOAR, CI/CD, code repositories, and engineering pipelines, with the ability to influence development best practices for detection content.
- Ability to lead with inclusivity, leveraging diverse ideas and perspectives to achieve better analytical outcomes and team performance.
- Demonstrated leadership in continuous learning, staying ahead of emerging technologies, threats, and engineering methodologies.
- Exceptional communication and collaboration skills, with the ability to influence across technology, security, and business stakeholders.
Skills & Expertise
- Extensive experience in detection engineering, incident response, threat hunting, or similar security operations roles, with a proven ability to lead complex technical initiatives.
- Expert understanding of Risked based alerting strategies and detection methodologies, capable of designing enterprise-wide detection models and influencing risk scoring frameworks.
- Deep knowledge of large enterprise architectures, including networks, operating systems (Windows, macOS, Linux), cloud ecosystems, and modern telemetry pipelines.
- Advanced proficiency in Splunk Enterprise Security (ES) and its architecture, including correlation searches, risk frameworks, data models, and performance optimization.
- Advanced experience with SPL and KQL, including designing scalable, optimized, and maintainable detection libraries.
- Strong familiarity with SOAR, CI/CD, code repositories, and engineering pipelines, with the ability to influence development best practices for detection content.
- Ability to lead with inclusivity, leveraging diverse ideas and perspectives to achieve better analytical outcomes and team performance.
- Demonstrated leadership in continuous learning, staying ahead of emerging technologies, threats, and engineering methodologies.
- Exceptional communication and collaboration skills, with the ability to influence across technology, security, and business stakeholders.
Preferred Qualifications
- Industry relevant certifications such as GDAT, GCDA, GCTD, GCTI, GMON, GPEN, GCIH, GCFA, OSCP, OSCE, OSWE, or equivalent.