The Senior Threat Detection Analyst is a cybersecurity expert responsible for advancing the organization's ability to detect sophisticated and emerging cyber threats across on‑premises, cloud, and hybrid environments.

This role focuses on advanced detection engineering, proactive threat hunting, and adversary‑driven detection, working closely with Threat Intelligence, Security Operations, Incident Response, and Red/Purple Teams. The position plays a strategic role in strengthening the security posture by improving detection maturity, closing visibility gaps, and reducing false positives through high‑fidelity detection logic.

Tasks and responsibilities

• Design, implement, and continuously improve advanced threat detection capabilities.
• Develop, tune, and maintain high‑quality detection rules and behavioral analytics.
• Conduct proactive, hypothesis‑driven threat hunting activities.
• Translate adversary TTPs and attack techniques into actionable detections.
• Collaborate with Threat Intelligence, SOC, Incident Response, and Red/Purple Teams.
• Analyze complex attack chains, kill chains, and post‑exploitation activity.
• Identify detection gaps and contribute to continuous detection maturity improvements.
• Reduce false positives while maintaining effective threat visibility.
• Support purple team activities by leveraging red team and penetration test outputs.

Requirements

• Minimum 5 years of experience in threat detection, threat hunting, detection engineering, red team, or penetration testing.
• Strong experience designing and tuning detection rules in enterprise environments.
• Advanced expertise in EDR/XDR platforms (e.g. Microsoft Defender / Microsoft XDR).
• Solid knowledge of MITRE ATT&CK and adversary‑driven detection.
• Hands‑on understanding of advanced attack techniques across Windows, Linux, and cloud.
• Strong scripting skills (Python, PowerShell, or similar).
• Experience collaborating with red, purple, or penetration testing teams.
• Ability to translate offensive tradecraft into high‑fidelity detections.
• OSEP and CARTE (or equivalent) certifications required.
• Fluent English; experience in global, cross‑functional teams preferred

IamBoehringerIngelheim because...

We are continuously working to design the best experience for you. Here are some examples of how we will take care of you:

• Flexible working conditions
• Life and accident insurance
• Health insurance at a competitive price
• Investment in your learning and development
• Gym membership discounts

If you have read this far, what are you waiting for to apply? We want to know more about you!