Threat Detection Engineer

Company Description

JOB DESCRIPTION

Tradeweb is a global leader in electronic trading for rates, credit, equities, and money markets. As financial markets become increasingly interconnected, our technology enables efficient, multi-asset trading on a global scale. We serve more than 3,000 clients in more than 85 countries, including many of the world’s largest banks, asset managers, hedge funds, insurers, corporations, and wealth managers.

Creative collaboration and sharp client focus have helped fuel our organic growth. We facilitated average daily trading volume (ADV) of more than $2.2 trillion over the past four fiscal quarters, topping $2.5 trillion in ADV for the first quarter of 2025.

Since our IPO in 2019, Tradeweb has completed four acquisitions and doubled our revenues – and 2024 was our 25th consecutive year of record revenues.

Tradeweb is a great place to work, recognized in 2024 by Forbes as one of America’s Best Companies (2024) and by U.S. News & World Report as one of the Best Financial Services Companies to Work For.

Tradeweb Markets LLC ("Tradeweb") is proud to be an EEO Minorities/Females/Protected Veterans/Disabled/Affirmative Action Employer.

Mission: Move first and never stop. Collaborate with clients to create and build solutions that drive efficiency, connectivity, and transparency in electronic trading.

https://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf

Job Summary:

The ideal candidate will be responsible for designing, implementing, and maintaining advanced threat detection use cases within a hybrid SIEM environment. This role requires a deep understanding of security information and event management (SIEM), threat hunting, and incident analysis to protect our organization from emerging cyber threats.

Key Responsibilities:

• Develop, optimize, and manage SIEM dashboards, searches, and alerts to identify potential security threats in real-time.
• Create and refine custom SIEM use cases, correlation rules, and detection logic to enhance threat visibility across systems and networks.
• Perform threat hunting and analyze log data to proactively identify anomalies and gaps in current use case library.
• Collaborate with incident response teams to investigate and mitigate security incidents, providing detailed forensic analysis when required.
• Maintain and tune SIEM deployments, ensuring data integrity, performance, and scalability.
• Integrate SIEM with other security tools and data sources to improve detection accuracy and coverage.
• Stay current on evolving cyber threats, attack techniques, and industry best practices to continuously improve detection strategies.
• Document processes, detection methodologies, and incident findings for knowledge sharing and compliance purposes.
  
  

• 5+ years of experience in cybersecurity, with at least 3 years focused on SIEM use case development.
• Highly proficient in Splunk Enterprise Security (ES), including SPL (Search Processing Language), dashboard creation, and alert configuration.
• Strong understanding of network protocols, system logs, and security event analysis.
• Experience with threat intelligence integration and applying MITRE ATT&CK framework to detection efforts.
• Familiarity with scripting languages (e.g., Bash, Python, PowerShell) for automation and data analysis is a plus.
• Understanding of offensive security tactics & techniques such as red teaming and advanced penetration testing is a plus.
• Relevant certifications such as Splunk Certified Power User, Splunk Certified Admin, or cybersecurity certifications such as OSCP, GPEN, GCIH, GCFE are highly preferred.
• Excellent problem-solving skills and the ability to work under pressure in a fast-paced environment.
  
  

• Knowledge of additional SIEM platforms or security tools (e.g., Elastic, Google SecOps, Sentinel).
• Ability to mentor team members and contribute to a collaborative security culture.