Job description

Security Content EngineerLocation: United States RemoteSummaryBlueVoyant is seeking a Security Content Engineer to join our fast-paced team focused on building automated security analysis solutions. This fully remote role involves developing detection logic, automation, and visualizations to help clients derive actionable security insights. You’ll work closely with internal teams and customers to enhance security operations through innovative content engineering.Key ResponsibilitiesEnrich security signals to improve SOC efficiency and outcomesResearch threat actors and attack vectors to develop detection content for emerging threatsDesign and build automation content for onboarding new productsAssist clients in testing and tuning detection logic to reduce false positives and alert fatigueIdentify and promote reusable content (rules, automations, dashboards) across clientsCollaborate with integration teams to optimize log ingestion and reduce noiseDeliver research-driven content such as queries, signatures, rules, and knowledge base articlesDevelop supplemental detection coverage for high-risk vulnerabilities and exploitsContribute to the evolution of security policies, procedures, and automation frameworksCommunicate regularly with client IT teams to provide guidance and ensure operational readinessSupport the development of incident response processes and documentationAssist with advancing security standard operating procedures and incident response reporting.QualificationsStrong collaboration and interpersonal skills, especially in distributed team environmentsExcellent written and verbal communication skills; ability to explain complex topics clearlyExperience in writing detection signatures or algorithmsProficiency in analyzing event logs and identifying indicators of compromiseHands-on experience with Microsoft Azure, Sentinel, Defender, and related toolsFamiliarity with:Sentinel Incidents, Workbooks, Hunting Queries, NotebooksKusto Query Language (KQL) or similarComplex JSON structuresDevelopment tools (Git, IDEs, CI/CD pipelines)Strong scripting skills (Python, Ruby, etc.)Experience in digital forensics and blue team operationsSolid understanding of network protocols and infrastructureAbility to gather client requirements and translate them into technical solutionsDeep knowledge of:SIEM/SOAR platformsAPI integrationsEndpoint Detection and Response (EDR)Log analysis and malware detectionNetwork monitoring toolsCase management systemsAtlassian Suite (Jira, Confluence)Email security, DLP, encryption, and vulnerability managementPreferred QualificationsBackground in intrusion analysis, detection engineering, or penetration testing5+ years of experience in IT or cybersecurity, with a focus on SIEM and detection contentRelevant certifications such as Microsoft 365 Certified: Security Administrator Associate, GCFA, GCFE, or OSCPEducationBachelor's degree in a related field or equivalent professional experience and certificationsAbout BlueVoyantAt BlueVoyant, we recognize that effective cyber security requires active prevention and defense across both your organization and supply chain. Our proprietary data, analytics, and technology, coupled with deep expertise, works as a force multiplier to secure your full ecosystem. Accuracy! Actionability! Timeliness! Scalability!Led by CEO, Jim Rosenthal, BlueVoyant’s highly skilled team includes former government cyber officials with extensive frontline experience in responding to advanced cyber threats on behalf of the National Security Agency, Federal Bureau of Investigation, Unit 8200, and GCHQ, together with private sector experts. BlueVoyant services utilize large real-time datasets with industry leading analytics and technologies.Founded in 2017 by Fortune 500 executives, including Executive Chairman, Tom Glocer, and former Government cyber officials, BlueVoyant is headquartered in New York City and has offices in Maryland, Tel Aviv, San Francisco, London, Budapest, and Latin America.All employees must be authorized to work in the United States. BlueVoyant provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, BlueVoyant complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.Disclaimer: Please note that pursuant to contractual requirements and applicable law, in order for employees to perform work on some of the company’s federal contracts, U.S. citizenship is required. Accordingly, an employee’s ability to perform work on such contracts is contingent upon the company’s verification of the employee’s citizenship status. Furthermore, individuals may be subject to additional background checks and fingerprinting.BlueVoyant Candidate Privacy NoticeTo understand how we secure and manage your personal data upon submitting a job application, please see our Candidate Privacy Notice, which can be found here - Candidate Privacy Notice #J-18808-Ljbffr

Requirements