Detection Engineer at Fidelity National Financial

, , United States -

Full Time

Start Date

Immediate

Expiry Date

24 Jun, 26

Salary

160000.0

Posted On

26 Mar, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Python, SIEM Technologies, SQL, XQL, SPL, KQL, Threat Modeling, Detection Tuning, Metrics-Driven Detections, Email Analysis, Detection Validation, Detection-as-Code, CI/CD, Git-Based Workflows, Threat Intelligence, Incident Response

Industry

Financial Services

Description

Overview POSITION OVERVIEW Fidelity National Financial (FNF) is seeking a Detection Engineer to join our Information Security Office (ISO). The primary purpose of this position is to maintain and improve security detections within FNF. This role is specifically focused on email security. This role can sit 100% remote. DUTIES & RESPONSIBILITIES Research adversary tradecraft, translate threat intelligence into detection logic Tune and optimize existing detections to reduce alert fatigue while maintaining detection fidelity Perform regular detection coverage and gap analysis assessments Document detection logic, response guidance, and follow-on analysis to support SOC and incident responders Represent detection engineering to cross-functional security teams in meetings, including priorities, capabilities, and progress Collaborate with other teams including threat intelligence, incident response, and security operations for detection authoring and improvements. Represent detection engineering to cross-functional security teams in meetings, including priorities, capabilities, and progress Contribute to detection program standards and processes Other tasks and responsibilities as assigned MINIMUM REQUIREMENTS Bachelor's degree or the equivalent combination of education and work experience 5+ years experience in cybersecurity/information security Strong experience with Python, including logging, testing, object-oriented concepts, and designing ergonomic tools. Security monitoring experience with one or more SIEM technologies and query languages (SQL, XQL, SPL, KQL, etc.) Detection engineering experience including threat modeling, detection tuning, and metrics-driven-detections Experience in one or more security domains - defensive analyst, malware reversing, offensive security, open-source intelligence, threat intelligence Detail oriented with strong organizational skills Exceptional written and oral communication skills PREFERRED EXPERIENCE Experienced in detection validation, with a desire to prove coverage Familiar with email analysis and security Experience with detection-as-code, ideally in a continuous integration and continuous delivery (CI/CD) pipeline Hands on experience with popular Breach-as-a-service tools for validation, coverage analysis, and threat modeling Familiarity with Git-based workflows including branching, pull requests, and peer review COMPENSATION & BENEFITS This position has the potential to earn compensation in the range of $120,000 - $160,000 annually based on location and job-related factors such as skillset and experience. Actual rate may vary within the range provided, depending on a number of factors, including skillset, experience and location. The base compensation is one component of the total rewards package offered to our employees, including optional health and welfare insurance (medical/dental/vision/life/disability); paid holidays, vacation, and sick time off; and matching 401(k) plan and matching employee stock purchase plan.

Responsibilities

The primary purpose of this role is to maintain and improve security detections, with a specific focus on email security, by researching adversary tradecraft and translating threat intelligence into detection logic. This involves tuning existing detections, performing coverage analysis, and documenting logic to support SOC and incident responders.