Cybersecurity Engineer III

Piper Companies is seeking a Cybersecurity Engineer III to support advanced incident response, threat hunting, and detection engineering efforts across enterprise environments. This is a hybrid position located in Carrollton, Texas. The Cybersecurity Engineer III owns complex security incidents end‑to‑end, performs deeper investigative and threat‑hunting work, and plays a key role in improving detection capabilities, response processes, and overall security posture. This role builds on the Cybersecurity Engineer II responsibilities, with increased ownership, technical depth, and strategic influence.

Key Responsibilities for the Cybersecurity Engineer III

• Own complex cybersecurity incidents end‑to‑end with minimal guidance, including investigation, analysis, coordination, documentation, and post‑incident improvements
• Perform advanced threat hunting and deep investigative work across EDR, SIEM, and cloud environments beyond alert‑driven activity
• Analyze attacker behavior such as process execution, command‑line activity, persistence techniques, and lateral movement
• Tune and improve detections across SIEM and EDR platforms to reduce false positives and improve signal quality
• Create, enhance, and maintain detection logic, rules, and queries based on threat intelligence, attacker behavior, and incident learnings
• Identify gaps in security posture, detection coverage, or response capabilities and recommend practical improvements
• Contribute to incident response strategy, operational maturity, and continuous process improvement initiatives
• Translate technical findings into clear, actionable recommendations for internal security and technology teams
• Serve as a technical escalation point during investigations and guide or mentor junior analysts or engineers as needed
• Partner closely with internal security, infrastructure, and cloud teams during incident response and improvement efforts

Required Qualifications for the Cybersecurity Engineer III

• 5–8+ years of relevant experience in incident response, threat hunting, detection engineering, or advanced SOC (Tier 3 / escalation‑level) environments
• Strong hands‑on experience with EDR platforms (e.g., CrowdStrike, Microsoft Defender) in investigative and response scenarios
• Experience operating and tuning detections within SIEM platforms such as Splunk or Microsoft Sentinel
• Demonstrated ability to independently investigate complex threats, including malware, phishing, account compromise, and advanced attacker activity
• Strong understanding of how EDR, SIEM, cloud environments, and infrastructure work together from a security perspective
• Experience working in Azure and/or AWS environments
• Ability to clearly explain why activity is malicious and communicate impact, risk, and remediation recommendations to both technical and non‑technical stakeholders

Compensation for the Cybersecurity Engineer III

• Salary Range: $135,000–$145,000 (dependent on experience)
• Employment Type: Full‑time, hybrid position requiring on‑site presence in Carrollton, TX (DFW area)
• Benefits: Comprehensive benefits package including Medical, Dental, Vision, 401(k), PTO, and Paid Sick Leave as required by law

This job opens for applications on 04/13/2026. Applications will be accepted for at least 30 days from the posting date.

Keywords

Cybersecurity Engineer III, Incident Response, Threat Hunting, Detection Engineering, SIEM, EDR, CrowdStrike, Microsoft Defender, Splunk, Microsoft Sentinel, Malware Analysis, Cloud Security, Azure, AWS, MITRE ATT&CK, Detection Tuning, Security Investigations, Advanced SOC, Endpoint Security, Command‑Line Analysis, Enterprise Security

#LI‑KG2 #LI‑HYBRID