As a leading provider of AI-powered extended managed detection and response (MXDR) services, Ontinue is on a mission to be the most trusted, 24/7, always-on security partner that empowers customers to embrace the future by using AI to operate more strategically, at scale, and with less risk. We believe that the combination of AI and human expertise is essential for delivering effective managed security that is tailored to a customer’s unique environment, operational constraints, and risks.
Our MXDR service combines powerful proprietary AI with a one-of-a-kind collaboration model to continuously build a deep understanding of our customers’ environments, informing how we prevent, detect, and respond to threats. Our unrivaled Microsoft expertise allows customers to achieve these outcomes with the Microsoft Security tools they already own. The result is highly localized managed protection that empowers security teams to be faster, smarter, and more cost efficient than ever before.
Continuous protection. AI-powered Nonstop SecOps. That’s Ontinue.
Your mission
As a Detection DevOps Engineer, you will be an essential part of our Threat Detection team. Your primary focus will be to develop, deploy, and maintain Detection-as-Code solutions, automated detection processes, and data integration solutions.
At Ontinue, we’re building a robust Managed Detection and Response (MDR) platform, integrating tightly with Microsoft's security ecosystem. You will work alongside Detection Engineers, Automation Engineers, and Platform Developers to operationalize and continuously improve how we deliver high-quality detection content to customers at scale.
Responsibilities
- Help design, implement, and maintain a complete CI/CD tool chain used by the Threat Detection team to automate testing, validation, and deployment of detection rules across customer environments on the Azure platform.
- Enable and support Detection-as-Code workflows, ensuring that detection content is version-controlled, peer-reviewed, and seamlessly integrated into production.
- Develop and maintain tooling (primarily in Python) to streamline detection engineering automation, improve operational efficiency, and reduce manual intervention.
- Work closely with Detection Engineers, Backend and Frontend Engineering, Data Science, Architecture and SOC teams to enhance MDR platform capabilities and align on service improvements.
- Contribute to validating and optimizing detection rules through automated testing and threat emulation tools to reduce false and benign positives and enhance detection accuracy.
- Continuously monitor, troubleshoot, and improve pipeline performance and detection delivery reliability, ensuring operational efficiency.
- Document CI/CD pipeline, automated workflows, processes, and data integration solutions. Share knowledge and best practices across teams.
- Contribute to the development of detection logic and strategies, applying frameworks like MITRE ATT&CK across log sources.
- Stay up to date with new Detection-as-Code technologies, DevOps practices, and industry trends to continuously improve detection capabilities and operational efficiency.
Required skills
- 3+ years in detection engineering, DevOps, or related fields, with a focus on cybersecurity.
- Strong experience designing, implementing, and maintaining CI/CD pipelines using tools like GitHub, Azure DevOps, Jenkins, GitLab, or similar platforms.
- Experience with Detection-as-Code frameworks and practices, ensuring automated, version-controlled delivery of detection logic.
- Experience with cloud platforms, especially Azure, and familiarity with Infrastructure-as-Code tools like Terraform or ARM templates.
- Proficiency in Python, PowerShell, or Bash for tooling, automation, and scripting related to detection content and processes.
- Proficiency with Git and GitHub for version control, and experience working in Agile development environments using tools such as Jira.
- Familiarity with MITRE ATT&CK and its application in detection engineering, along with an understanding of security technologies such as EDR, IDS/IPS, SIEM, and XDR solutions (e.g., Microsoft Sentinel).
- Strong communication skills with the ability to work effectively with cross-functional teams (Detection Engineers, Backend and Frontend Engineers, Data Science, and SOC teams) to align on service improvements and detection strategies.
- Strong problem-solving abilities, with the ability to innovate and optimize detection workflows.
Bonus Skills
- Experience with Microsoft Sentinel, Defender for Endpoint, Defender for Identity, and other Microsoft security solutions.
- Experience developing or maintaining security content pipelines (detections, playbooks, response actions).
- Experience in red teaming or adversary simulation, with a focus on threat emulation, attack paths, and vulnerability exploitation to improve detection strategies.
- Experience with Terraform, Bicep, Pulumi, or other IaC tools for automating cloud infrastructure deployments.
- Exposure to Kubernetes, containerization, and serverless architectures.
What we offer
We have been recognized as a top place to work! In addition to a competitive salary, we also offer great benefits and access to management and Microsoft training.
Come as you are! We search for amazing people of diverse backgrounds, experiences, abilities, and perspectives. Ontinue welcomes and encourages diversity in the workplace regardless of race, gender, religion, age, sexual orientation, disability, or veteran status.
Next steps
If you have the skills and experience required and feel that Ontinue is a place you can belong, we would love to get to know you better! Please drop an application to this role and our talent acquisition manager will be in touch to discuss further.
Learn more: www.ontinue.com.