JOB SUMMARY
A technical thought leadership role responsible for shaping and executing detection strategy and advanced detection development within both SIEM and Security Data Lake environments. The individual will collaborate across the Cybersecurity Analytics, Security Architecture, and Engineering teams to ensure comprehensive detection coverage for Marriott's business applications and platforms. This role will inform the prioritization of detection development, contribute to supplemental threat modeling, and conduct research and development on adversary TTPs based on threat intelligence. The candidate is expected to bring deep hands-on detection and response expertise to support SOAR and AI-driven security initiatives. The role requires a blend of technical acumen, strategic vision, and the ability to drive innovation in detection engineering.
CANDIDATE PROFILE
Education and Experience
Required:
Bachelor's degree in computer science, information security, or a related field, or equivalent experience/certification.
7 years of experience working in Information Technology, including:
5 years of experience in detection engineering, security analytics, or related cybersecurity roles.
Demonstrated experience with SIEM (e.g., Splunk Enterprise Security) and Security Data Lake platforms.
Experience developing and tuning advanced detection content, including correlation rules, behavioral analytics, and threat hunting queries.
Proven ability to lead cross-functional initiatives and collaborate with diverse technical teams.
3 years of collective experience in one or all of the following:
Splunk SIEM (Splunk Enterprise Security) threat detection use case development
UEBA use case development for insider threat detection
Preferred Skills/Experience:
Current advanced information security certifications (e.g., CISSP, CISM, GIAC, OSCP).
Experience supporting SOAR and AI/ML-driven security operations.
Familiarity with cloud security, threat intelligence platforms, and modern security architectures.
Experience with scripting/programming (Python, PowerShell, etc.) and automation.
Working knowledge of frameworks such as MITRE ATT&CK, NIST CSF, and ISO/IEC 27001.
CORE WORK ACTIVITIES
Strategic Leadership:
Inform detection strategy development with detection approaches that leverage the SIEM, the Security Data Lake, and tools integrated with the security analytics platforms.
Inform and prioritize detection development based upon business risk, threat intelligence, and evolving adversary TTPs.
Lead R&D efforts to identify and address detection gaps, leveraging threat modeling and threat intelligence.
Provide detection governance in partnership with Detection Engineering for efficacy reviews and lifecycle management of developed security monitoring content.
Technical Execution:
Develop advanced detections in partnership with Detection Engineering and other partners.
Collaborate with Security Architecture and Engineering teams to ensure detection coverage aligns with cybersecurity risks and business priorities.
Support the integration of detection content with SOAR and AI/ML initiatives to enhance automated response and analytics.
Develop analytics, correlation searches, dashboards, reports, and alerts within the SIEM and UEBA platforms.
Collaboration and Communication:
Facilitate cross-team collaboration sessions to ideate and review detection use cases and detection methodologies.
Document detection approaches for TTPs, threat models, and monitoring strategies using standard templates and methodologies.
Engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications, and share that knowledge with peers as appropriate.
Attend Scrum and prioritization meetings to review and update deliverables.
Present findings, recommendations, and detection approaches to technical and non-technical stakeholders.
Continuous Improvement:
Stay current with emerging threats, adversary tactics and techniques, and detection technologies.
Contribute to the development and refinement of detection engineering standards, workflows, and best practices.
Provide technical development support for detection engineers.
At Marriott International, we are dedicated to being an equal opportunity employer, welcoming all and providing access to opportunity. We actively foster an environment where the unique backgrounds of our associates are valued and celebrated. Our greatest strength lies in the rich blend of culture, talent, and experiences of our associates. We are committed to non-discrimination on any protected basis, including disability, veteran status, or any other basis protected by applicable law.
Required Experience:
Senior IC