Security Content Engineer

at BlueVoyant
  • Remote - Worldwide

Remote

Cybersecurity

Mid-level

Job description

Security Content Engineer

Location: United States Remote

Summary

BlueVoyant is seeking a Security Content Engineer to join our fast-paced team focused on building automated security analysis solutions. This fully remote role involves developing detection logic, automation, and visualizations to help clients derive actionable security insights. You’ll work closely with internal teams and customers to enhance security operations through innovative content engineering.

Key Responsibilities

  • Enrich security signals to improve SOC efficiency and outcomes
  • Research threat actors and attack vectors to develop detection content for emerging threats
  • Design and build automation content for onboarding new products
  • Assist clients in testing and tuning detection logic to reduce false positives and alert fatigue
  • Identify and promote reusable content (rules, automations, dashboards) across clients
  • Collaborate with integration teams to optimize log ingestion and reduce noise
  • Deliver research-driven content such as queries, signatures, rules, and knowledge base articles
  • Develop supplemental detection coverage for high-risk vulnerabilities and exploits
  • Contribute to the evolution of security policies, procedures, and automation frameworks
  • Communicate regularly with client IT teams to provide guidance and ensure operational readiness
  • Support the development of incident response processes and documentation
  • Assist with advancing security standard operating procedures and incident response reporting.

Qualifications

  • Strong collaboration and interpersonal skills, especially in distributed team environments
  • Excellent written and verbal communication skills; ability to explain complex topics clearly
  • Experience in writing detection signatures or algorithms
  • Proficiency in analyzing event logs and identifying indicators of compromise
  • Hands-on experience with Microsoft Azure, Sentinel, Defender, and related tools
  • Familiarity with:
    • Sentinel Incidents, Workbooks, Hunting Queries, Notebooks
    • Kusto Query Language (KQL) or similar
    • Complex JSON structures
    • Development tools (Git, IDEs, CI/CD pipelines)Strong scripting skills (Python, Ruby, etc.)
  • Experience in digital forensics and blue team operations
  • Solid understanding of network protocols and infrastructure
  • Ability to gather client requirements and translate them into technical solutions
  • Deep knowledge of:
    • SIEM/SOAR platforms
    • API integrations
    • Endpoint Detection and Response (EDR)
    • Log analysis and malware detection
    • Network monitoring tools
    • Case management systems
    • Atlassian Suite (Jira, Confluence)
    • Email security, DLP, encryption, and vulnerability management

Preferred Qualifications

  • Background in intrusion analysis, detection engineering, or penetration testing
  • 5+ years of experience in IT or cybersecurity, with a focus on SIEM and detection content
  • Relevant certifications such as Microsoft 365 Certified: Security Administrator Associate, GCFA, GCFE, or OSCP

Education

  • Bachelor’s degree in a related field or equivalent professional experience and certifications

About BlueVoyant

At BlueVoyant, we recognize that effective cyber security requires active prevention and defense across both your organization and supply chain. Our proprietary data, analytics, and technology, coupled with deep expertise, works as a force multiplier to secure your full ecosystem. Accuracy! Actionability! Timeliness! Scalability!

Led by CEO, Jim Rosenthal, BlueVoyant’s highly skilled team includes former government cyber officials with extensive frontline experience in responding to advanced cyber threats on behalf of the National Security Agency, Federal Bureau of Investigation, Unit 8200, and GCHQ, together with private sector experts. BlueVoyant services utilize large real-time datasets with industry leading analytics and technologies.

Founded in 2017 by Fortune 500 executives, including Executive Chairman, Tom Glocer, and former Government cyber officials, BlueVoyant is headquartered in New York City and has offices in Maryland, Tel Aviv, San Francisco, London, Budapest, and Latin America.

All employees must be authorized to work in the United States. BlueVoyant provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, BlueVoyant complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.

Disclaimer: Please note that pursuant to contractual requirements and applicable law, in order for employees to perform work on some of the company’s federal contracts, U.S. citizenship is required. Accordingly, an employee’s ability to perform work on such contracts is contingent upon the company’s verification of the employee’s citizenship status. Furthermore, individuals may be subject to additional background checks and fingerprinting.

BlueVoyant Candidate Privacy Notice

To understand how we secure and manage your personal data upon submitting a job application, please see our Candidate Privacy Notice, which can be found here - Candidate Privacy Notice

Share this job:
Please let BlueVoyant know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Latest Jobs at BlueVoyant

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply