
IT Detection Engineer

State of South Carolina
Full-time
On-site
Richland County, South Carolina, United States
$80,000 - $100,000 USD yearly

Job Responsibilities

About SLED
The South Carolina Law Enforcement Division (SLED) is a premier statewide law enforcement agency dedicated to serving and protecting the citizens of South Carolina. With a proud history rooted in integrity, professionalism, and public service, SLED is committed to providing high-quality investigative, intelligence, and forensic services to support law enforcement agencies across the state.

At SLED, we value dedication, ethical conduct, accountability, and a strong commitment to justice. Our agency plays a vital role in maintaining public safety and supporting criminal justice efforts at the local, state, and federal levels. From advanced forensic science to homeland security, criminal investigations, and criminal justice information systems, SLED's diverse responsibilities make it one of the most dynamic law enforcement agencies in the state.

We foster a professional work environment where teamwork, respect, and continuous improvement are fundamental. Our employees are held to the highest standards and are given opportunities to grow within a mission-driven organization that makes a meaningful difference in South Carolina communities.

Learn more about why you should join our team at www.sled.sc.gov.

General Responsibility
The Detection Engineer is responsible for designing and implementing custom detection rules within SLED's systems to proactively identify and mitigate emerging cyber threats. By collaborating with threat intelligence analysts, the Detection Engineer ensures that detection mechanisms are aligned with the current threat landscape and adversary tactics, techniques, and procedures, minimizing visibility gaps and strengthening the organization's security posture. Additionally, this role supports external organizations through South Carolina Critical Infrastructure Cybersecurity (SC CIC) membership by sharing detection rules and tailoring them to those organizations' environments.

Specific Duties
  • Design and implement tailored detection rules to identify and counter emerging cyber threats, ensuring comprehensive coverage of the organization's attack surface.
  • Collaborate with the SC CIC threat intelligence team to integrate the latest threat intelligence into detection strategies, updating rules to reflect current adversary tactics, techniques, and procedures.
  • Assist external partners and organizations by creating and sharing detection rules, providing clear guidance and explanations to facilitate effective implementation.
  • Proactively analyze security data and logs within EDR, NDR, and SIEM systems to identify threats or anomalies not yet caught by existing detection rules, contributing to threat hunting initiatives.
  • Configure and integrate security tools within the SOC environment to streamline detection workflows, leveraging automation to improve efficiency in rule deployment, log correlation, and alert triage.
  • Maintain detailed documentation of detection rules, their purpose, and associated threat intelligence, while also generating reports to communicate rule performance, coverage gaps, and recommendations to SOC leadership and stakeholders.

Minimum and Additional Requirements

  • A bachelor's degree in a related field, or at least four years of relevant work experience in the areas of information technology, information security, and risk management.
  • Must have a strong knowledge of cybersecurity concepts and operations.
  • Must have a comprehensive understanding of the Windows Operating System, Windows Internals, Active Directory, and Networking Concepts in order to detect anomalous activity and write detections. 
  • Must have experience writing detections in YARA, Suricata, Zeek, and Kusto Query Language (KQL), or in Endpoint Detection and Response (EDR) or Security Information and Event Management (SIEM) platforms.
  • Must have the ability to mentor mid-level positions in Information Security.
  • Must have excellent problem-solving skills and excellent written and verbal communication skills.
  • This position requires participation in an on-call rotation and may require after-hours response to incidents.
  • This position is subject to statewide travel, including some overnight travel.
  • This position is on-site in Columbia, SC.

Additional Comments

South Carolina Law Enforcement Division (SLED) is committed to providing equal employment opportunities to all applicants and does not discriminate on the basis of race, color, religion, sex (including pregnancy, childbirth, or related medical conditions, including, but not limited to, lactation), national origin, age (40 or older), disability, or genetic information.

SLED offers an exceptional benefits package for FTE positions that includes:

  • Health, Dental, Vision, Long Term Disability, and Life Insurance for Employee, Spouse, and Children
  • 15 days annual (vacation) leave per year
  • 15 days sick leave per year
  • 13 paid holidays
  • Paid Parental Leave
  • State Retirement Plan and Deferred Compensation Programs

Supplemental questions are considered part of the official application. Any misrepresentation of yourself may be grounds for disqualification.
Conditional selection is based on candidate education, training, experience, oral interviews, and clearance of a background investigation.