Senior Threat Detection Engineer

JLL empowers you to shape a brighter way.  

Our people at JLL are shaping the future of real estate for a better world by combining world class services, advisory and technology for our clients. We are committed to hiring the best, most talented people and empowering them to thrive, grow meaningful careers and to find a place where they belong.  Whether you’ve got deep experience in commercial real estate, skilled trades or technology, or you’re looking to apply your relevant experience to a new industry, join our team as we help shape a brighter way forward.   

The Senior Threat Detection Engineer at Jones Lang LaSalle (JLL) leads the engineering, creation, and tuning of advanced detection capabilities. This role bridges threat hunting, data engineering, and automation to protect enterprise and cloud-native environments from sophisticated threat actors.

Key Responsibilities

• Detection Engineering: Design, implement, and tune high-fidelity detection rules across SIEM, EDR/XDR, and cloud-native SaaS platforms.
• Data Pipeline Management: Work with centralized logging, data lakes, and detection telemetry.
• Threat Modeling & Hunting: Proactively analyze attacker tactics, techniques, and procedures (TTPs) and execute hypothesis-driven threat hunting campaigns.
• Automation & AI Integration: Implement security automations using SOAR platforms and explore AI/ML and Large Language Models (LLMs) to enhance incident response and automated response actions.
• Collaboration: Partner closely with SOC, Red Team, and Threat Intel to validate signal quality, reduce false positives, and improve MITRE ATT&CK coverage.
• Mentorship: Provide technical guidance and mentorship to junior and mid-level security engineers.

Typical Requirements & Qualifications

• Experience: 4–8+ years in cybersecurity, with a heavy emphasis on threat detection, incident response, or SOC operations.
• Education: Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related quantitative field.
• Demonstrative experience in developing automation solutions for Cyber Security
• 5+ years Information Technology experience
• 4+ years of Cyber Security Experience
• 2+ years of any SOAR tool experience (Splunk SOAR, Sentinel, Swimlane, etc
• Experience in utilizing CI/CD tools (such as GitHub Actions) to automate build, test, and deployment processes, ensuring smooth and efficient software delivery
• Familiarity with infrastructure-as-code (IaC) tools (e.g., Terraform, CloudFormation) to automate infrastructure provisioning and ensure consistent environments throughout the development lifecycle
•  Strong verbal communications skills and concise written communication skills
• Strong organizational and multi-tasking and time management skills
• Prefers to work in agile team environment

Technical Skills:

The Senior Threat Detection Engineer at Jones Lang LaSalle (JLL) leads the engineering, creation, and tuning of advanced detection capabilities. This role bridges threat hunting, data engineering, and automation to protect enterprise and cloud-native environments from sophisticated threat actors.

Key Responsibilities

• Detection Engineering: Design, implement, and tune high-fidelity detection rules across SIEM, EDR/XDR, and cloud-native SaaS platforms.
• Data Pipeline Management: Work with centralized logging, data lakes, and detection telemetry.
• Threat Modeling & Hunting: Proactively analyze attacker tactics, techniques, and procedures (TTPs) and execute hypothesis-driven threat hunting campaigns.
• Automation & AI Integration: Implement security automations using SOAR platforms and explore AI/ML and Large Language Models (LLMs) to enhance incident response and automated response actions.
• Collaboration: Partner closely with SOC, Red Team, and Threat Intel to validate signal quality, reduce false positives, and improve MITRE ATT&CK coverage.
• Mentorship: Provide technical guidance and mentorship to junior and mid-level security engineers.

Typical Requirements & Qualifications

• Experience: 4–8+ years in cybersecurity, with a heavy emphasis on threat detection, incident response, or SOC operations.
• Education: Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related quantitative field.
• Demonstrative experience in developing automation solutions for Cyber Security
• Experience in utilizing CI/CD tools (such as GitHub Actions) to automate build, test, and deployment processes, ensuring smooth and efficient software delivery
• Familiarity with infrastructure-as-code (IaC) tools (e.g., Terraform, CloudFormation) to automate infrastructure provisioning and ensure consistent environments throughout the development lifecycle
• Strong verbal communications skills and concise written communication skills
• Strong organizational and multi-tasking and time management skills
• Prefers to work in agile team environment

Technical Skills:

• Advanced proficiency in detection querying languages (e.g., KQL, SPL, SQL).
• Scripting and automation capabilities in languages like Python or Go.
• Strong working knowledge of cloud infrastructures (AWS, Azure) and container environments.

Certifications: Highly desirable to hold industry-recognized certifications like GIAC, CISSP, or equivalent.

Certifications: Highly desirable to hold industry-recognized certifications like GIAC, CISSP, or equivalent.

This position does not provide visa sponsorship. Candidates must be authorized to work in the United States without sponsorship.

Estimated compensation for this position:

This range is an estimate and actual compensation may differ. Final compensation packages are determined by various considerations including but not limited to candidate qualifications, location, market conditions, and internal considerations.

Location:

If this job description resonates with you, we encourage you to apply, even if you don’t meet all the requirements.  We’re interested in getting to know you and what you bring to the table!

Personalized benefits that support personal well-being and growth:

JLL recognizes the impact that the workplace can have on your wellness, so we offer a supportive culture and comprehensive benefits package that prioritizes mental, physical and emotional health. Some of these benefits may include:

• 401(k) plan with matching company contributions

• Comprehensive Medical, Dental & Vision Care

• Paid parental leave at 100% of salary 

• Paid Time Off and Company Holidays

• Early access to earned wages through Daily Pay

At JLL, we harness the power of artificial intelligence (AI) to efficiently accelerate meaningful connections between candidates and opportunities. Using AI capabilities, we analyze your application for relevant skills, experiences, and qualifications to generate valuable insights about how your unique profile aligns with the specific requirements of the role you're pursuing.

JLL Privacy Notice

Jones Lang LaSalle (JLL), together with its subsidiaries and affiliates, is a leading global provider of real estate and investment management services. We take our responsibility to protect the personal information provided to us seriously. Generally the personal information we collect from you are for the purposes of processing in connection with JLL’s recruitment process. We endeavour to keep your personal information secure with appropriate level of security and keep for as long as we need it for legitimate business or legal reasons. We will then delete it safely and securely.

For more information about how JLL processes your personal data, please view our Candidate Privacy Statement.

For additional details please see our career site pages for each country.

For candidates in the United States, please see a full copy of our Equal Employment Opportunity policy here.

Jones Lang LaSalle (“JLL”) is an Equal Opportunity Employer and is committed to working with and providing reasonable accommodations to individuals with disabilities.  If you need a reasonable accommodation because of a disability for any part of the employment process – including the online application and/or overall selection process – you may email us at HRSCLeaves@jll.com. This email is only to request an accommodation. Please direct any other general recruiting inquiries to our Contact Us page > I want to work for JLL.

Pursuant to the Arizona Civil Rights Act, criminal convictions are not an absolute bar to employment.

Pursuant to Illinois Law, applicants are not obligated to disclose sealed or expunged records of conviction or arrest.

Pursuant to Columbia, SC ordinance, this position is subject to a background check for any convictions directly related to its duties and responsibilities. Only job-related convictions will be considered and will not automatically disqualify the candidate.

California Residents only

If you are a California resident as defined in the California Consumer Privacy Act (CCPA) please view our Supplemental Privacy Statement which describes your rights and disclosures about your personal information. If you are viewing this on a mobile device you may want to view the CCPA version on a larger device.

Pursuant to the Los Angeles Fair Chance Initiative for Hiring Ordinance, JLL will consider for employment all qualified Applicants, including those with Criminal Histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance.

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Accepting applications on an ongoing basis until candidate identified.