Detection Engineer

Address:

Job Family Group:

Are you passionate about threat detection, attack simulation, and building innovative security solutions? Do you thrive in a high-impact environment where your expertise in researching and developing detections will reduce risk and protect the company and our customers? If so, this role is for you.

Why Join Us?

• Innovate & Evolve – Work alongside penetration testers, threat hunters, and security engineers to develop cutting-edge detections that stay ahead of evolving threats. Your ideas will directly shape our security strategy.

• Challenge the Status Quo – Identify gaps in security detection, hunt down new attack methods, and propose real-world solutions that make an impact.

• 100% Remote – Work From Anywhere – Join a collaborative, high-performing team from anywhere in the world. We value results over location, giving you the flexibility to work how you work best.

• Make a Real Impact – Whether you’re mentoring others, refining security objectives, or leading use case development, your expertise will drive key security decisions. Your voice matters.

What You’ll Bring:

• Min of 3+ years of Splunk experience – Experience with writing advanced queries in Splunk, correlate events, and visualize attack trends.

• Min of 3+ years of network principles & network forensics, as well as detection engineering in a large scale enterprise environment.

• Coding & Automation Skills – Proficiency in Python, Rust, or C# to develop custom security detections.

• Problem-Solver Mentality – A passion for hunting down new threats, identifying gaps, and proposing solutions.

• Strong written and verbal communication & Leadership– Ability to mentor, collaborate, and communicate technical concepts effectively.

Ready to Make an Impact?

If you’re looking for a high-growth, hands-on security role where you can apply your expertise in detection research & engineering, we’d love to hear from you!

This role is 100% REMOTE

Apply now!

The Detection Research and Development team designs effective detection methodologies to find adversaries attempting to access BMO Information Systems.

• Develop innovative use cases leveraging penetration testing team attack simulations, incidents, and threat intel reports
• Discover innovative use cases using custom self built lab environments with attacker toolsets and malware
• Knowledge of network routing and segmentation principles to control traffic in sensitive environments
• Perform open research to identify new malware/attacks in the wild and hunt down ways to detect that activity including new log sources that may need onboarding
• Identify detection gaps and propose feasible ways to address those gaps
• Operationalize valuable out-of-the-box alerts from security tools that allow for efficient tuning
• Lead use case development during the deployment of new security solutions
• Identify applicable and justifiable log sources that should be onboarded to improve BMOs visibility and detection coverage
• Perform gap analysis on current log sources to both improve data elements leveraged for detection and eliminate waste
• Ability to make recommendations regarding the selection of GIOC tools and controls to protect information systems
• Ability to provide input for the development and refinement of GIOC objectives, priorities, strategies, plans and programs
• Translate recommendations from regulators, auditors, Red Team and other outside teams into actionable objectives
• Challenge the status quo for detecting adversarial behavior
• Develop Logging and Detection Objectives during enterprise projects 
• Tuning of use case logic to reduce benign triggers and false positives
• Understand cyber day-to-day operations to create alerts with useful context
• Knowledge of networking principles and network forensics
• Knowledge of web application exploitation techniques and brute force attacks
• Enhance use cases when current log sources are upgraded
• Research and discover use case logic improvements that will increase the quality of our alerts
• Extremely organized and thorough to ensure our Use Case Library stays up to date and relevant
• Ability to effectively operate under high pressure, high visibility environments
• Ability to handle tense situations with tact, diplomacy, and focused communication.
• Ability to manage multiple conflicting priorities and keep them organized effectively
• Strong initiative and drive for results
• Effective with both team-oriented and individually-oriented efforts
• Scripting or coding experience 
• Strive for efficiency in everything we do
• Coach fellow teammates and GIOC teams

Salary:

Pay Type:

The above represents BMO Financial Group’s pay range and type.

Salaries will vary based on factors such as location, skills, experience, education, and qualifications for the role, and may include a commission structure. Salaries for part-time roles will be pro-rated based on number of hours regularly worked. For commission roles, the salary listed above represents BMO Financial Group’s expected target for the first year in this position.

BMO Financial Group’s total compensation package will vary based on the pay type of the position and may include performance-based incentives, discretionary bonuses, as well as other perks and rewards. BMO also offers health insurance, tuition reimbursement, accident and life insurance, and retirement savings plans. To view more details of our benefits, please visit: https://jobs.bmo.com/global/en/Total-Rewards

About Us

At BMO we are driven by a shared Purpose: Boldly Grow the Good in business and life. It calls on us to create lasting, positive change for our customers, our communities and our people. By working together, innovating and pushing boundaries, we transform lives and businesses, and power economic growth around the world.

As a member of the BMO team you are valued, respected and heard, and you have more ways to grow and make an impact.  We strive to help you make an impact from day one – for yourself and our customers.  We’ll support you with the tools and resources you need to reach new milestones, as you help our customers reach theirs. From in-depth training and coaching, to manager support and network-building opportunities, we’ll help you gain valuable experience, and broaden your skillset.

To find out more visit us at http://jobs.bmo.com/us/en

BMO is proud to be an equal employment opportunity employer. We evaluate applicants without regard to race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or any other legally protected characteristics. We also consider applicants with criminal histories, consistent with applicable federal, state and local law.

BMO is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to BMOCareers.Support@bmo.com and let us know the nature of your request and your contact information.

Note to Recruiters: BMO does not accept unsolicited resumes from any source other than directly from a candidate. Any unsolicited resumes sent to BMO, directly or indirectly, will be considered BMO property. BMO will not pay a fee for any placement resulting from the receipt of an unsolicited resume. A recruiting agency must first have a valid, written and fully executed agency agreement contract for service to submit resumes.