Job Description

Why Black and Veatch

Black & Veatch allows you to lend your talent and perspective to humanity’s biggest challenges in a flexible environment where you are empowered to grow and explore new possibilities. We offer competitive compensation; 401K match and benefits that start day 1. 

Our hybrid environment allows you to balance your work and personal life. At Black & Veatch, you own your career with purpose and meaning. You are empowered to grow and explore new possibilities at every step of your career journey. Bring your big ideas knowing you are safe to be who you are and speak up with concerns or questions and put your diverse talents and perspectives to use.

The Opportunity

We are seeking a highly skilled and motivated Cyber Detection Engineer to join our cybersecurity team. This role is responsible for designing and implementing advanced threat detection routines, assimilating open-source threat intelligence, generating actionable cyber threat intelligence, and leading incident response and remediation efforts.    #LI-NK1 #LI-Hybrid 

The Team

Black & Veatch’s Business Enablement consists of critical groups that help enable the organizations people, projects, and businesses to be as successful as possible.   Functions in this group include Digital & Information Technology, Global Finance, Global Human Resources, Legal, Risk Management, and Government Affairs and Real Estate and Building Services. 

Key Responsibilities

Threat Detection & Engineering 

• Develop and maintain detection functions using telemetry from various sources (e.g., endpoint logs, cloud logs, email scanning, sandbox analysis). 
• Create and optimize detection components and functions (e.g., YARA rules, Sigma rules, SIEM hunts) to identify malicious activity  
• Expand telemetry and signal coverage while reducing noise to improve detection fidelity  

Threat Intelligence 

• Assimilate and operationalize open-source threat intelligence feeds. 
• Generate internal cyber threat intelligence reports and indicators of compromise (IOCs). 
• Integrate threat intelligence into detection platforms to enhance visibility and response  

Threat Hunting 

• Design and execute proactive threat hunting routines across enterprise environments. 
• Identify anomalous behaviors and potential threats not detected by automated systems. 

Alert Analysis & Incident Response 

• Analyze security alerts and determine their impact and severity. 
• Lead incident response efforts including containment, eradication, and recovery. 
• Collaborate with SOC analysts and other stakeholders to ensure timely resolution. 

Remediation & Reporting 

• Develop and implement remediation plans for identified threats and vulnerabilities. 
• Document findings and lessons learned to improve future detection and response capabilities. 
• Contribute to the continuous improvement of security operations and detection engineering processes. 

Management Responsibilities

Individual Contributor

Preferred Qualifications

• 5+ years in cybersecurity, with hands-on experience in detection engineering, threat hunting, and incident response. 

Technical Skills: 

• Proficiency in scripting languages (e.g., Python, PowerShell). 
• Experience with SIEM platforms, EDR tools, and threat intelligence platforms. 
• Familiarity with detection-as-code frameworks and telemetry analysis. 

Soft Skills: 

• Strong analytical and problem-solving abilities. 
• Excellent communication and collaboration skills. 
• Ability to work independently and in cross-functional teams. 

Minimum Qualifications

• Bachelor's degree in Information Security or Computer Science or related field.
• Minimum 10 years of overall experience in Cyber Security, IT, Risk Assessments, Privacy
• Of the 10 years overall experience required, must have 5 years of experience in Governance, Risk and Compliance; and Privacy.
• At least 1 certification such as CISSP, CISM, CISA, CRISC, CIPP or similar privacy certifications.
• Demonstrated experience applying security and risk frameworks, regulations and privacy such as NIST CSF/800-53/800-171, NERC CIP, CIS, CMMC, SOC2, GDPR, etc.
• Experience in developing security policies and standards, risk assessments, third party risk programs, risk management, risk registries, regulatory compliance, security awareness training and testing, security metrics, privacy, and other relevant GRC areas.
• All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations.

Certifications

Must hold at least 1 certification such as CISSP, CISM, CISA, CRISC, CIPP or similar privacy certifications.

Work Environment/Physical Demands

Hybrid or flexible work options may be offered after the first 90 days of employment based upon manager discretion, job performance and work assignments.

Job Tags

Flexible hours,

Similar Jobs