HiringCafe
Posted 1mo ago

JSOC - Senior Detection Engineer

@ Questrade Financial Group
View All Jobs
Brazil or São Paulo
HybridFull Time
Responsibilities:Author rules, Tune logic, Document runbooks
Requirements Summary:5+ years in detection engineering/security operations; expertise with Elastic Detection Rules, MITRE ATT&CK mapping, and reducing false positives.
Technical Tools Mentioned:Elastic Detection Rules, KQL, EQL, Sigma, MITRE ATT&CK
Save
Mark Applied
Hide Job
Report & Hide
Job Description

Questrade Financial Group (QFG), through its companies - Questrade, Inc., Questrade Wealth Management Inc., Community Trust Company, Zolo, and Flexiti Financial Inc., provides securities and foreign currency investment, professionally managed investment portfolios, mortgages, real estate services, financial services and more. Questrade uses cutting-edge technologies to develop innovative products that give customers better, more affordable ways to take control of their money. 
 
We are everything a traditional financial institution is not. At QFG, you will be constantly moving forward, bringing the future of fintech into existence. You will be a part of a collaborative team that cares deeply about our mission and each other. Your team members will help you conquer challenges, push boundaries and discover what you are truly capable of.
 
At QFG, we have a culture of innovation where technology serves people—both our team and our customers. We see AI as a collaborative and transformative enabler, and we are seeking forward-thinking individuals who can effectively integrate it into their daily work. The ideal candidate will be a catalyst for change, helping us use AI to create a more efficient and rewarding employee experience while also developing cutting-edge solutions that delight and serve our customers. Join us in shaping a future where AI empowers our team to do their best work and helps us deliver unparalleled customer experiences. 

This is a place where you can explore, discover and learn with continuous growth. As a diverse and inclusive place to work, with a hybrid working environment you can unleash your creativity and curiosity with no limits. If you share the same sense of infinite possibility, come shape your future at QFG.

 

What’s in it for you as an employee of QFG?

  • Health & wellbeing resources and programs 

  • Paid vacation, personal, and sick days for work-life balance

  • Competitive compensation and benefits packages

  • Career growth and development opportunities

  • Opportunities to contribute to community causes

  • Work with diverse team members in an inclusive and collaborative environment

 

We’re looking for our next Senior Detection Engineer. Could It Be You?

Your contribution delivering sustainable and measurable results in the following areas will be very important:

 

Owning the quality and effectiveness of the detection portfolio - creating, tuning, validating, and retiring alerts that drive organizational security outcomes. You will be primarily involved in authoring and testing detection rules, maintaining alert coverage and fidelity, reducing false positives, and collaborating with SOC analysts, SIEM Engineers and CTI Specialists to operationalize detections. You will be working alongside internal customers and our vendor support teams to ensure we are utilizing our security tools in accordance with corporate policies and growing business needs. You will work closely with Cybersecurity and IT teams to align priorities and execute plans for new initiatives, as well as contribute to process improvements and build documentation for new tools.

 

Need more details? Keep reading…

You will:

  • Author, test, and deploy detection rules aligned to MITRE ATT&CK coverage gaps.

  • Maintain the detection portfolio: track coverage, false positive rates, alert fidelity, and relevance.

  • Validate alerts through purple-team exercises and real-world scenario testing.

  • Tune detection logic to reduce false positive rates and improve signal-to-noise ratio.

  • Document detection rationale, expected behavior, and runbook references for each alert.

  • Build and maintain alert severity frameworks and prioritization logic.

  • Retire stale or redundant detections with documented justification and communication.

  • Produce monthly detection metrics: coverage by ATT&CK tactic, false positive trends, new vs. retired rules.

  • Perform threat modeling to identify gaps in current detection coverage.

  • Collaborate with SIEM Engineer on platform optimization and detection rule infrastructure.

  • Work with CTI Specialists to translate threat intelligence into detection requirements.

  • Conduct log analysis and data exploration to validate detection logic and identify edge cases.

  • Author SIGMA rules to ensure detection portability and cross-platform compatibility.

  • Participate in alert tuning and optimization based on SOC analyst feedback and operational experience.

  • Maintain runbooks and escalation procedures aligned with detection behaviors and expected outcomes.

  • Stay current with emerging detection methodologies, tools, and MITRE ATT&CK updates.

  • Mentor and develop team members on detection engineering best practices and frameworks.

  • Communicate detection engineering decisions, alert changes, and coverage analysis to technical and non-technical stakeholders.

  • Track and report on detection engineering program metrics (rules deployed, coverage improvement, FP reduction).

 

So are YOU our next Senior Detection Engineer? You are if you have… 

  • 5+ years of relevant experience in detection engineering, security operations, or threat analysis in an enterprise environment.

  • Experience authoring and deploying detection rules using Elastic Detection Rules (KQL, EQL, ES|QL).

  • Practical experience with MITRE ATT&CK framework for detection mapping and coverage analysis.

  • Experience tuning detection logic and reducing false positive rates in production environments.

  • Experience with SIGMA rule authoring and cross-platform detection development.

  • Experience conducting purple team exercises and validating detection effectiveness.

  • Strong log analysis and data exploration skills for identifying detection gaps and anomalies.

  • Knowledge of threat modeling methodologies and detection requirement development.

  • Knowledge of alert fatigue reduction strategies and signal-to-noise optimization.

  • Knowledge of SIEM platform architecture, data pipelines, and detection rule deployment workflows.

  • Experience developing and maintaining large-scale detection portfolios. 

  • Experience with threat intelligence integration into detection workflows.

 

Brownie points if you have...

 

  • GCDA, Elastic Certified Analyst, SANS SEC511, HTB CDSA or similar relevant certifications. 

  • Contributions to open-source detection rule repositories (Elastic, Sigma).

 

Sounds like you? Click below to apply!

#LI-Hybrid #LI-MM1

At Questrade Financial Group of Companies, with multiple office locations around the world, we are committed to fostering a diverse, inclusive and accessible work environment. This is an environment where individuals are treated with dignity and respect. Here, the unique skills and experience you bring will be valued. You will be supported and motivated, so that you can harness your unlimited potential. Our team reflects the diversity of the communities we serve and operate in. Having a collaborative and diverse team helps us push boundaries to bring the future of fintech into existence—not only for the benefit of our customers, but for those who build their career with us. 

 

Questrade Financial Group of companies Applicant Tracking System utilizes artificial intelligence (AI) for application screening. The AI system operates on predetermined criteria, with final decisions subject to human review. 

 

Candidates selected for an interview will be contacted directly. If you require accommodation during the recruitment/selection process, please let us know and we will work with you to meet your needs.