The Senior Threat Detection Analyst is a cybersecurity expert responsible for advancing the organization's ability to detect sophisticated and emerging cyber threats across on-premises, cloud, and hybrid environments.
This role focuses on advanced detection engineering, proactive threat hunting, and adversary-driven detection, working closely with Threat Intelligence, Security Operations, Incident Response, and Red/Purple Teams. The position plays a strategic role in strengthening the security posture by improving detection maturity, closing visibility gaps, and reducing false positives through high-fidelity detection logic.
Tasks and responsibilities
- Design, implement, and continuously improve advanced threat detection capabilities.
- Develop, tune, and maintain high-quality detection rules and behavioral analytics.
- Conduct proactive, hypothesis-driven threat hunting activities.
- Translate adversary TTPs and attack techniques into actionable detections.
- Collaborate with Threat Intelligence, SOC, Incident Response, and Red/Purple Teams.
- Analyze complex attack chains, kill chains, and post-exploitation activity.
- Identify detection gaps and contribute to continuous detection maturity improvements.
- Reduce false positives while maintaining effective threat visibility.
- Support purple team activities by leveraging red team and penetration test outputs.
Requirements
- Minimum 5 years of experience in threat detection, threat hunting, detection engineering, red team, or penetration testing.
- Strong experience designing and tuning detection rules in enterprise environments.
- Advanced expertise in EDR/XDR platforms (e.g. Microsoft Defender / Microsoft XDR).
- Solid knowledge of MITRE ATT&CK and adversary-driven detection.
- Hands-on understanding of advanced attack techniques across Windows, Linux, and cloud.
- Strong scripting skills (Python, PowerShell, or similar).
- Experience collaborating with red, purple, or penetration testing teams.
- Ability to translate offensive tradecraft into high-fidelity detections.
- OSEP and CARTE (or equivalent) certifications required.
- Fluent English; experience working in cross-functional teams is preferred.
IamBoehringerIngelheim because…
We are continuously working to design the best experience for you. Here are some examples of how we will take care of you:
- Flexible working conditions
- Life and accident insurance
- Health insurance at a competitive price
- Investment in your learning and development
- Gym membership discounts
If you have read this far, what are you waiting for to apply? We want to know more about you!