Senior Detection Engineer

About the role

Zscaler is looking for a Senior Detection Engineer to join its Threat Hunting team in Costa Rica. Reporting to the Senior Manager of Threat Hunting, you will help advance the detection and hunting capabilities of Zscaler Threat Hunting, a managed service that protects customers from sophisticated cyber threats.

Key responsibilities

• Develop and maintain next‑generation detection logic using Python, SQL, AWS services, YAML, and SIGMA‑like rules.
• Translate MITRE ATT&CK tactics, techniques, and procedures into actionable detection rules for SIEM platforms such as Splunk, Microsoft Sentinel, or ElasticSearch.
• Contribute to the scalability and maintenance of engineering projects leveraging Hadoop, Athena, and other data platforms.
• Write and update detections, playbooks, IDS/IPS signatures, and YARA rules, and provide on‑call support including weekend night shifts.
• Validate detection logic, perform root‑cause analysis of failures, and continuously improve detection effectiveness.

Required profile

• Hands‑on experience creating detection rules in a SIEM environment.
• Familiarity with the MITRE ATT&CK framework and ability to map TTPs to detection logic.
• Strong analytical and reporting skills with a focus on security operations.
• Ability to work independently and handle flexible, on‑call schedules.

Required skills

• Python scripting and automation
• SQL querying
• AWS services (e.g., Athena)
• YAML‑based detection authoring
• SIEM platforms: Splunk, Microsoft Sentinel, ElasticSearch
• MITRE ATT&CK framework
• Hadoop data platform
• IDS/IPS signature development
• YARA rule creation