Detection Engineer

About the Job

Join the Allianz Cyber Defense Center (ACDC) as part of our growing Detection Engineering team. You'll design and build the detection logic that powers our 24/7 monitoring across Google SecOps (Chronicle) and CrowdStrike Falcon, sitting at the intersection of threat intelligence and security operations. Your work will directly shape what we see — and what we catch — across one of the world's largest financial services groups.

What you do

• Own the full detection use case lifecycle: from L1 (threat concept) through L2 (attack vector) to L3 (production-ready monitoring rule).
• Design, develop, and maintain detection content in Google SecOps (YARA-L) and CrowdStrike Falcon, aligned with our logging telemetry.
• Map detections to the MITRE ATT&CK framework, continuously assessing coverage and performing gap analyses to prioritize new use cases....