

Threat Detection Engineer
This role is for a Threat Detection Engineer in Bellevue, WA, for 6 months at a contract pay rate. Key skills include Anvilogic expertise, threat hunting, MITRE ATT&CK knowledge, and SIEM familiarity. A Bachelor's in Cybersecurity or related field is required.
🌎 Country: United States
💱 Currency: $ USD
💰 Day rate: -
🗓️ Date discovered: July 2, 2025
🕒 Project duration: More than 6 months
🏝️ Location type: On-site
📄 Contract type: Unknown
🔒 Security clearance: Unknown
📍 Location detailed: Bellevue, WA
🧠 Skills detailed: #Azure #AWS (Amazon Web Services) #Cybersecurity #Automation #Data Science #Cloud #ML (Machine Learning) #KQL (Kusto Query Language) #Splunk #Scripting #SQL (Structured Query Language) #YAML (YAML Ain't Markup Language) #Python #AI (Artificial Intelligence) #Security #Computer Science #ETL (Extract, Transform, Load)
Role description
Overview
TekWissen is a global workforce management provider headquartered in Ann Arbor, Michigan, that offers strategic talent solutions to our clients worldwide. Our client is a provider of digital technology and transformation, information technology and services.
Position: Threat Detection Engineer
Location: Bellevue, WA
Duration: 6 Months
Job Type: Contract
Work Type: Onsite
Job Description
• We are seeking a seasoned Anvilogic Expert to lead advanced AI-based threat hunting and root cause analysis (RCA) initiatives across our security operations.
• The ideal candidate will have deep hands-on experience with Anvilogic’s hunting workbench, detection engineering, and threat chain correlation, and will play a key role in improving incident detection, investigation, and response.
• This role is critical for elevating our SOC maturity through automated detection engineering, proactive threat hunts, and actionable RCA that minimizes security risk and response time.
Key Responsibilities
AI-Based Threat Hunting
• Leverage Anvilogic’s threat hunt workbench and AI-driven tools to proactively detect hidden threats across SIEM, EDR, cloud, and endpoint data.
• Develop and execute MITRE ATT&CK-aligned hypotheses, using multi-source telemetry and behavioral analytics.
• Automate detection generation and tune logic to increase signal fidelity and reduce false positives.
Root Cause Analysis (RCA)
• Conduct in-depth RCA of complex incidents by correlating alert timelines, threat chains, and telemetry signals within Anvilogic.
• Present RCA findings clearly to technical and non-technical stakeholders.
• Contribute to the development of detection improvement loops based on RCA feedback.
Detection Engineering & Content Development
• Create and maintain custom detection logic, hunt queries, and response playbooks using Anvilogic’s AI-assisted tools.
• Collaborate with internal security teams to develop threat narratives and detection packs aligned with business risk.
• Contribute to Anvilogic content lifecycle: testing, publishing, and tuning of detection logic.
Security Operations Support
• Monitor and triage Anvilogic alerts and correlate with real-time telemetry for deeper analysis.
• Provide continuous feedback to improve threat detection coverage, response accuracy, and hunting workflows.
• Mentor junior analysts on Anvilogic tooling and RCA methodology.
Required Skills & Qualifications
• 3+ years of experience in security operations, threat hunting, or detection engineering.
• 1–2 years of hands-on experience with Anvilogic or similar advanced detection platforms.
• Strong knowledge of MITRE ATT&CK, threat modeling, and adversary behavior analysis.
• Familiarity with SIEM tools (e.g., Splunk, Sentinel, Chronicle) and cloud telemetry (e.g., AWS, Azure).
• Experience with structured query languages (SPL, KQL, etc.) and security log analysis.
• Ability to correlate multi-source data to identify attack patterns and causality.
• Excellent written and verbal communication for presenting RCA findings and hunt outcomes.
• Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or equivalent field.
Nice To Have
• Anvilogic or MITRE ATT&CK certifications (e.g., Threat Hunter, Detection Engineer).
• Experience with AI/ML-enhanced security tools or data science methods in threat detection.
• Familiarity with security automation tools (SOAR), Python scripting, or YAML.
• Exposure to threat intelligence feeds and integrating TI with hunt workflows.
TekWissen® Group is an equal opportunity employer supporting workforce diversity.