Cyber Threat Engineer - Global Threat Operations

About the role

LevelBlue is seeking a Cyber Threat Engineer to join its Threat Detection and Response (TDR) team. The role supports 24/7 monitoring and response for managed security services, acting as a technical escalation point for complex security incidents.

Key responsibilities

• Analyze escalated, complex security cases and patterns from endpoint detection and response tools.
• Resolve technical problems within managed security solutions and drive continuous improvement projects.
• Create, improve, and document processes for security solution management and monitoring.
• Tune detection devices to meet customer business needs and baseline threat detection in potentially breached environments.
• Test and refine endpoint detection, protection, and response policies.
• Provide timely responses to DFIR and client security teams during investigations.
• Perform rotating on‑call duties, including nights and weekends.
• Mentor analysts and serve as an escalation point within the TDR team.

Required profile

• Intermediate knowledge of cyber investigation, incident handling, and endpoint detection and response.
• Experience with Unix/Linux and Windows system administration.
• Familiarity with current exploit and remediation techniques, threat hunting, and web services administration.
• Ability to work independently, follow documentation and escalation procedures, and maintain high customer satisfaction.

Required skills

• Palo Alto Cortex XDR (advanced)
• Endpoint Detection and Response (EDR) technologies
• Unix/Linux system administration
• Windows system administration
• Threat hunting and investigation
• Web services administration
• Log collection and analysis tools
• Intrusion analysis

What we offer

• Opportunity to work with AI‑powered security operations and elite human expertise.
• Exposure to a global client base and cutting‑edge threat intelligence.
• Professional growth within a leading managed security services provider.