Cybersecurity Detection Engineer

About Command|Link


Command|Link is a global SaaS Platform providing network, voice services, and IT security solutions, helping corporations consolidate their core infrastructure into a single vendor and layering on a proprietary single-pane-of-glass platform. Command|Link has revolutionized the IT industry by tackling the problems our competitors create. In recognition of our unprecedented innovation and dedication, Command|Link was recognized as the SD-WAN Product of the Year, ITSM Visionary Spotlight, UCaaS Product of the Year, NaaS Product of the Year, Supplier of the Year, and the AT&T Strategic Growth Partner. Command|Link has built the only IT platform for scale that solves ISP vendor sprawl and IT headaches. We make it easy for our customers to get more done, maximize uptime, and improve the bottom line.




This is a 100% remote position!


About your new role:

We are seeking a highly skilled Cybersecurity Detection Engineer to join our growing security organization. In this role, you will develop, optimize, and operationalize threat detection capabilities that safeguard Command|Link’s infrastructure, data, and customers. You will be hands-on in creating detection logic, analyzing threat behavior, improving visibility across systems, and supporting investigations into sophisticated cyber threats. 


This role is critical in strengthening our defensive posture against malware, phishing campaigns, insider threats, cloud-based attacks, credential compromise, and other emerging risks. You will work closely with our SOC, engineering teams, and compliance teams to ensure our detection landscape remains accurate, scalable, and resilient. 


Key Responsibilities:

  • Design, build, and refine high-fidelity detections across SIEM, XDR/EDR, network, and cloud platforms to identify malicious activity and anomalous behavior. 
  • Develop and maintain detection use cases, alert logic, rule tuning, dashboards, and automation workflows to improve SOC effectiveness. 
  • Conduct deep-dive investigations into escalated threats, including malware infections, privilege misuse, lateral movement, suspicious endpoint activity, and cloud-based attacks. 
  • Partner with SOC analysts to improve triage workflows, reduce false positives, and enhance detection accuracy. 
  • Analyze new threat behaviors and convert intelligence into actionable detection capabilities. 
  • Perform detection lifecycle management, including documentation, validation, QA testing, and periodic rule reviews. 
  • Support blue-team engineering initiatives, such as log onboarding, telemetry enrichment, and visibility gap analysis. 
  • Collaborate with compliance and security engineering teams to support security audits, including SOC 2, regulatory compliance, and internal governance requirements. 
  • Participate in security architecture planning and contribute to the design of scalable, resilient security solutions. 
  • Communicate complex technical threats and detection logic clearly to both technical and non-technical stakeholders.
  • Take on additional responsibilities and projects as needed to support the success of the team and organization.


What you'll need for success:

  • 5+ years of experience in cybersecurity engineering, detection engineering, threat hunting, SOC analysis, or related defensive security roles. 
  • 2+ years of hands-on experience developing detection logic in SIEM, EDR, or cloud-native security tools (e.g., Sentinel, Splunk, CrowdStrike, Carbon Black, Defender, Chronicle, Elastic). 
  • 2+ years of hands-on experience working on anomaly detection or AI threat engines. 
  • Proven experience analyzing attacker behavior, MITRE ATT&CK techniques, and common threat vectors. 
  • Strong understanding of malware behavior, endpoint telemetry, log sources, security controls, and network protocols. 
  • Ability to identify patterns, anomalies, and indicators across large and diverse data sets. 
  • Experience with scripting or automation (Python, PowerShell, or similar) is preferred. 
  • Familiarity with cloud environments (AWS, Azure, GCP) and SaaS applications such as Office 365 and G-Suite. 
  • Strong written and verbal communication skills with the ability to translate technical detection concepts into clear, actionable documentation. 
  • A passion for continuous learning, emerging threats, and improving defensive security capabilities. 


Why you'll love life at Command|Link

Join us at CommandLink, where you'll have the opportunity to shape the future of business communication. We value the innovative spirit and seek individuals ready to bring their unique vision and expertise to a team that values bold ideas and strategic thinking. Are you ready to make an impact?

  • Room to grow at a high-growth company
  • An environment that celebrates ideas and innovation
  • Your work will have a tangible impact
  • Flexible time off  
  • Fun events at cool locations
  • Employee referral bonuses to encourage the addition of great new people to the team


At CommandLink, we’re committed to creating a fair, consistent, and efficient hiring experience. As part of our process, we use AI-assisted tools to help review and analyze applications. These tools support our recruiting team by identifying qualifications and experience that align with the requirements of each role.


AI tools are used only to assist in the evaluation process — they do not make final hiring decisions. Every application is reviewed by a member of our recruiting or hiring team before any decisions are made.


Security Operations

Philippines
