ThreatLocker® is a leader in endpoint protection technologies, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. The ThreatLocker® platform with Application Allowlisting, Ringfencing™, Storage Control, Elevation Control, Endpoint Network Control, Configuration Management, and Operational Alert solutions are leading the cybersecurity market toward a more secure approach of blocking the exploits of application vulnerabilities.
ThreatLocker is seeking a Detection Engineer to drive the development and continuous improvement of detection content within the ThreatLocker Detect platform. This role is responsible for creating and maintaining detection rules used by our Endpoint Detection and Response (EDR) and Identity Threat Detection and Response (ITDR) products while ensuring alignment with the MITRE ATT&CK® Framework.
The Detection Engineer will leverage telemetry generated through malware analysis, vulnerability research, and proactive threat hunting to identify detection gaps and improve product coverage. Working closely with Threat Analysts and Security Researchers, this individual will develop high-quality detection logic that identifies evolving attacker techniques while minimizing false positives.
As a Detection Engineer, you are responsible for, but not limited to:
REQUIRED QUALIFICATIONS
WORKING CONDITIONS
The duties described below are representative of those encountered while performing the essential functions of this position. If necessary, reasonable accommodation may be requested and will be evaluated for its relationship to the essential functions that must be performed.
A background check and drug/substance screening are required after a conditional offer. Employment will proceed only upon receiving clear results from both.
ThreatLocker also conducts randomized drug and substance testing approximately every 60 days, in line with the same screening standards.

The ThreatLocker® story.
ThreatLocker journey began with a mission to protect businesses from the devastating effects of cyberattacks. Co-founders Danny Jenkins, Sami Jenkins, and John Carolan set out to create solutions designed to eliminate the guessing game of cybersecurity.
Danny Jenkins began his cybersecurity career in 1997, which included roles such as managing corporate IT, ethical hacking, and becoming an entrepreneur. A significant turning point occurred when Jenkins witnessed the aftermath of a severe phishing attack. The attack disrupted business
operations and nearly resulted in the loss of the company. This incident underscored the critical gaps in existing reactive cybersecurity strategies and motivated Jenkins to develop a proactive, Zero Trust solution designed to give businesses more control over their defenses.
With this commitment, along with Sami Jenkins and John Carolan, he co-founded ThreatLocker, making the Zero Trust approach to cybersecurity reality for many. In just a few years, over 50,000 businesses worldwide have embraced ThreatLocker solutions, a testament companies are ready to move beyond the endless game of trying to outsmart cybercriminals and are adopting instead new, proactive ways to defend against them with ThreatLocker redefining Zero Trust solutions.