Lantern

    Senior Threat Detection Engineer

    Lantern
    Posted 11/21/2025
    Senior Level
    Full-time
    Technology
    Threat Detection
    Incident Response
    Threat Hunting
    Data Engineering
    Security Operations

    Job Description

    About Lantern

    Lantern is the specialty care platform connecting people with the best care when they need it most. By curating a Network of Excellence comprised of the nation's top specialists for surgery, cancer care, infusions and more, Lantern delivers excellent care with significant cost savings to employers and their workforces. Lantern also pairs members with a dedicated care team, including Care Advocates and nurses, for the entirety of their care journey, helping them get back to good health, back to their families and back to work. With convenient access to specialists nationwide, Lantern means quality care is within driving distance for most. Lantern is trusted by the nation's largest employers to deliver care to more than 6 million members across the country. Learn more about us at lanterncare.com.

    About You:

    • You use LOGIC in your decision making and understand that progress is critical to making change. You focus on the execution of your content while balancing a fast-paced environment and you take the time to celebrate both the small & big wins.
    • INCLUSION is a core tenet of your personal beliefs. A diverse and inclusive environment is incredibly important to you. You understand and desire to be a part of a diverse team with different experiences and perspectives & you cherish the differences in each individual that you interact with.
    • You have the GRIT, drive and ambition to tackle big problems. Big problems require big ideas and a team that supports new ideas.
    • You care deeply for your customers and are driven to keep HUMANITY in all decisions. Your customers aren’t just the individuals using your product. They are the driving factor in your motivation to make a change.
    • Integrity guides you in life. You focus on the TRUTH vs. giving people the answers they want to hear.
    • You thrive in a Team Environment. Collaboration is key in innovation and creating change.

    These pillars of LIGHT are a reminder to our team that we are making a difference by providing guidance and support in navigating the often complex and confusing landscape of healthcare. We hope that through this LIGHT, individuals can find their way to the best care, resources, and support they need to get back to life. If this sounds like you, we would love to connect to speak further about career opportunities at Lantern. Please apply to our role & someone from our Talent Acquisition Team will reach out to help you navigate our interview process.

    Lantern is seeking a highly skilled Senior Threat Detection Engineer (active builder, investigator, and guardian) to lead the development and optimization of our threat detection capabilities on our Security Operations team. This role will be instrumental in identifying malicious activity, improving detection logic, and collaborating across teams to enhance our security posture. The role also leads Incident Response investigations and reporting.

    Location: Remote, United States or Canada

    Responsibilities:

    • Design, implement, and tune detection rules and logic across SIEM, EDR, and cloud platforms.
    • Develop and maintain threat detection use cases based on MITRE ATT&CK and other frameworks.
    • Perform threat hunting and anomaly detection using behavioral analytics and telemetry.
    • Collaborate with IAM, Data Protection, cloud security, and engineering teams to improve detection coverage.
    • Analyze threat intelligence and integrate findings into detection strategies.

    • Directly monitor, test, and calibrate detection use cases; analyze data to minimize false positives and maximize actionable alerts, proposing and executing code changes to achieve measurable improvements.

    • Lead purple team exercises and detection validation efforts.
    • Maintain technical documentation by directly managing the materials and summaries of your own work and solutions, and by actively communicating updates to stakeholders.
    • Develop use-cases based on intelligence, red team results, and incident data.
    • Write detection and correlation rules to identify threats across our stack.
    • Assist in onboarding logs and identifying gaps in logs or alert results.
    • Develop a deep understanding of data models, macros, indexes, sources, and field aliases, and of the technology foundation our detection stack is built on.
    • Understand data schema/API standards, automation, and messaging systems.
    • Bring a metric-driven mindset to our rules, signals (IOCs), and alerts.
    • Other duties as assigned; we are one family and help each other.

    Requirements:

    • 5+ years of professional experience in two or more domains, including: detection engineering, data engineering, incident response, threat hunting, threat intelligence.

    • Refine, validate and exercise our Threat Detection and Response Programs.
    • Ability to measure detection coverage across common frameworks (e.g., NIST CSF, MITRE, KC) and simplify rules and configurations to optimize alerts.
    • Develop detection techniques to protect our evolving environment.
    • Ability to automate tasks via scripting, automating inputs and outputs of APIs, and programming skills such as Python to enable detection engineering tasks.
    • Exceptional interpersonal, organizational, and communication skills and ability to internalize and exemplify Lantern’s LIGHT Values.

    Strong Candidates Will:

    • Experience in healthcare or regulated industries.
    • Certifications such as GCDA, GCTI, OSCP, or similar.
    • Experience with Sigma rules, YARA, and threat modeling.
    • Hands-on technical contributor with demonstrated ability to execute and deliver engineering projects impacting security posture in complex and fast-changing environments.
    • Experience designing, coding, and deploying security solutions, comfortable with Python and at least one of: Java, Go, C++, JavaScript, Rust, SQL, or TypeScript.
    • Practical skills with security tools and scripting: you design, build, and maintain solutions, not just click in a UI.

    • Experience writing or refining detection logic for SIEM, EDR, NDR, WAF, or similar, and a record of tuning signals and controls for high fidelity and low noise through real-world testing and iteration.

    • Proven ability to analyze and defend modern cloud and on-premises environments: you know how to break and fix systems, leveraging tools like CloudTrail, Security Hub, etc.
    • Track record of hands-on threat hunting and incident response, using your engineering skill to create new detections and automate investigation processes.
    • In-depth knowledge of attacker TTPs and a technical mindset for designing countermeasures that can be implemented and measured.

    • Thrives in a team environment, supporting and mentoring peers with your engineering experience, and eager to tackle the next technical challenge.

    Benefits:

    • Medical Insurance
    • Dental Insurance
    • Vision Insurance
    • Short & Long Term Disability
    • Life Insurance
    • 401k with company match
    • Paid Time Off
    • Paid Parental Leave

    Lantern does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.
