Detection Engineer

AIG

  • London
  • Permanent
  • Full-time
  • 21 days ago
Detection EngineerAmerican International Group, Inc. (AIG) is a leading global insurance organization. AIG member companies provide a wide range of property casualty insurance in approximately 70 countries and jurisdictions. These diverse offerings include products and services that help businesses and individuals protect their assets and manage risks.We’re also committed to making a positive difference for our colleagues and in the communities where we work and live. We encourage colleagues to give back to the causes they care most about, supporting these efforts through our Volunteer Time Off and Matching Grants Programs.Get to know the businessAt AIG, technology is at the heart of everything we do, from underwriting risks to processing claims. The Information Technology team equips our colleagues with the latest tools to complete their work efficiently and with the highest standards of excellence. The team is responsible for shielding the company’s systems from security risks, while designing technology strategies that enable AIG’s businesses to achieve their goals. AIG’s Information Technology functions include enterprise architecture, software and systems engineering, cybersecurity, and technology risk and compliance.About the roleAt AIG we are seeking a skilled and motivated Detection Engineer to join our team. The ideal candidate will be responsible for designing, developing, and maintaining detection rules, and apply modern software security practices to threat detection. This is an opportunity to build and shape a mature Detection-as-Code program from the ground up. Working alongside teams within Security Operations, the Detection Engineering team collaborate with resources all over the globe in support of effective Incident Response and be key personnel at the heart of risk management efforts.Responsibilities
  • Develop, manage and version-control detection logic using Detection-as-Code principles (e.g. Git, CI/CD)
  • Leverage and implement CI pipelines to validate and deploy detection rules.
  • Translate threat intelligence reports and attacker Tools Techniques and Procedures into detection rules.
  • Analyze logs and security telemetry from various sources and tools (endpoint, network, cloud)
  • Continuously tune detections rules to maximize precision and efficacy
  • Troubleshoot and maintain detection rules not functioning as required
  • Build and maintain automation scripts in Python, Bash and PowerShell
  • Build and maintain detection and coverage metrics dashboards
  • Train and mentor Junior Detection Engineers
  • Liaise with other stakeholders and involved parties
  • Collaborate with IR teams as part of response and remediation efforts
Requirements
  • 4+ years in Detection Engineering, Security Operations or Security Automation
  • Knowledge of SIEM, EDR, cloud and network-based detection techniques
  • Exposure to cloud-native logging and monitoring (CloudTrail, Azure, O365)
  • Experience with cloud-native security alerting (GuardDuty, EntraID Identity Protection, Okta ThreatInsight)
  • Understanding of threat actor behaviors and MITRE ATT&CK and how TTPs manifest in collected telemetry
  • Proficiency in script and automation (Python preferred)
  • Experience with Git and CI/CD pipelines (GitHub Actions, Jenkins)
  • Familiarity with YAML/JSON-based rule definitions (e.g. Sigma)
  • Ability to simulate and basic adversary behavior through automated frameworks (Atomic Red Team, MITRE Caldera)
At AIG, we value in-person collaboration as a vital part of our culture, which is why we ask our team members to be primarily in the office. This approach helps us work together effectively and create a supportive, connected environment for our team and clients alike.Enjoy benefits that take care of what mattersAt AIG, our people are our greatest asset. We know how important it is to protect and invest in what’s most important to you. That is why we created our Total Rewards Program, a comprehensive benefits package that extends beyond time spent at work to offer benefits focused on your health, wellbeing and financial security—as well as your professional development—to bring peace of mind to you and your family.Reimagining insurance to make a bigger difference to the worldAmerican International Group, Inc. (AIG) is a global leader in commercial and personal insurance solutions; we are one of the world’s most far-reaching property casualty networks. It is an exciting time to join us — across our operations, we are thinking in new and innovative ways to deliver ever-better solutions to our customers. At AIG, you can go further to support individuals, businesses, and communities, helping them to manage risk, respond to times of uncertainty and discover new potential. We invest in our largest asset, our people, through continuous learning and development, in a culture that celebrates everyone for who they are and what they want to become.Welcome to a culture of inclusionWe’re committed to creating a culture that truly respects and celebrates each other’s talents, backgrounds, cultures, opinions and goals. We foster a culture of inclusion and belonging through learning, cultural awareness activities and Employee Resource Groups (ERGs). With global chapters, ERGs are a cornerstone for our culture of inclusion. The talent of our people is one of AIG’s greatest assets, and we are honored that our drive for positive change has been recognized by numerous recent awards and accreditations.AIG provides equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories.AIG is committed to working with and providing reasonable accommodations to job applicants and employees with disabilities. If you believe you need a reasonable accommodation, please send an email to .Functional Area: IT - Information TechnologyAIG Europe S.A. (U.K. Service Branch) & American International Group UK Ltd

AIG