Colossus Technologies Group

Sr. Detection Engineer - Logflow - Security Lake

Remote

United States

$200,000/year

Mid level

Full Time

02-02-2026


Skills

Python, SQL, Data Engineering, Analytics

Job Specifications

Senior Detection Engineer – LogFlow (Security Lake)

Location: United States (Remote-friendly)

Team: Detection Engineering / Security Data Platform

Tech Focus: Log ingestion, normalization, detection logic, security telemetry

About the role

We’re building a security-first log ingestion and detection platform — a Security Lake designed to handle massive volumes of security telemetry, normalize it in real time, and power high-fidelity detections.

This role sits at the intersection of security detections and log pipelines.

If you’ve ever:

Written detections directly on raw or semi-structured logs
Spent time normalizing messy security events before they were usable
Tuned detections to reduce noise and false positives
Thought deeply about where in the pipeline detection logic should live

…this role is squarely in your wheelhouse.

What you’ll work on

Designing and building detections on top of large-scale security log pipelines
Working directly with raw security telemetry (cloud logs, audit logs, infra logs, identity logs, etc.)
Defining normalization and enrichment logic that makes detections reliable and portable
Authoring and tuning detection logic to balance signal quality vs. noise
Partnering closely with ingestion and platform engineers to improve log quality at the source
Helping shape how the Security Lake stores, queries, and exposes data for detection use cases

This is a hands-on detection role, not just rule writing in a UI.

What we’re looking for

We care much more about what you’ve actually done than titles or certifications.

Strong signals include:

5+ years in detection engineering, security analytics, or security data engineering
Hands-on experience writing detections on log-based security data
Deep familiarity with security telemetry (cloud audit logs, identity logs, infra logs, EDR, network, etc.)
Experience working with normalized vs. raw logs and understanding the tradeoffs
Comfort digging into messy, inconsistent data and making it detection-ready
Ability to reason about detections at scale (performance, cost, false positives)

Nice to have (not required)

Experience with SIEMs, security lakes, or custom detection platforms
Familiarity with log ingestion pipelines or log shippers/collectors
Experience working close to data platforms or security data infrastructure
Scripting or query experience (SQL-like languages, Python, etc.)
Exposure to detection-as-code or version-controlled detection logic

Why this role is different

You’ll work closer to the data than most detection roles
You’ll influence how logs are ingested and shaped, not just how detections run
You’ll help build a detection platform, not just operate one
You’ll spend more time on signal quality and less on noisy alert triage

About the Company

At Colossus Technologies Group, we provide top-tier cybersecurity and digital trust staffing, IT consulting, and project management solutions, including privacy, security, and GRC SaaS platform solution implementation. Our expertise ensures businesses have access to the right talent and strategies to safeguard their digital assets, optimize operations, minimize and govern digital risks and drive growth.