**Innovate here. And see your ideas come to life.** It's an exciting time to work in tech at Edward Jones. We are making massive investments in emerging technologies to improve how we work with our clients and with each other. Relationships are the focus of our business model. And working in Technology here means using your skills to build, deliver and maintain the technologies that enable us to deepen and support those relationships. The best part? We develop and create our own industry-leading solutions internally. And you can be a part of it. Working with emerging new technologies. Creating platforms, programs and experiences that change how we work together - and support our client-first focus. Changing the future of our firm, the industry and the advisor-client relationship. **Job Overview** **Position Schedule:** Full-Time This job posting is anticipated to remain open for 30 days, from 03-Feb-2026. The posting may close early due to the volume of applicants. **Overview:** **A Threat Detection Engineer is a role focused on developing skills in adversary tradecraft research, detection development, and detection lifecycle management. Engineers at this level work within clearly defined scope and are supported through structured review, feedback, and mentorship.** **What You'll Do:** **Scope and Ownership** + Detection Engineers work on research and development tasks with scope defined by more senior engineers. Within that scope, they are expected to take full ownership of their work products, including research documentation, detection logic, and follow-up improvements. + Detection Engineers are expected to author detection logic that will be deployed into production environments. All work is reviewed before deployment, but ownership of the work remains with the author. **Research and Documentation** + Detection Engineers are expected to conduct applied research on adversary techniques assigned to them and to produce detailed written documentation describing how those techniques operate at a technical level. This documentation is expected to explain underlying mechanisms and execution flow with enough depth to support future detection work. + Research assignments may cover a defined portion of a technique rather than an entire attack chain. Detection Engineers are expected to produce complete and correct documentation within the assigned scope. **Detection Development and Iteration** + Detection Engineers design, implement, and validate detections based on their research. They are responsible for tuning and improving detections they author, including investigating false positives, missed detections, and validation failures. + Detection ownership is durable. Detection Engineers are expected to iterate on their work over time rather than handing it off when issues are identified. Guidance and feedback are provided, but responsibility for improvement remains with the author. **Validation and Feedback** + Detection Engineers participate in detection validation by engaging with the Threat Emulation team. This includes explaining researched techniques and detection approaches, reviewing validation results, and updating detections based on outcomes. + Detection Engineers are expected to respond to operational feedback related to detections they own, including feedback from security operations and response teams. This feedback is treated as part of the normal detection lifecycle and a core learning mechanism. + Decisions about validation strategy, test cadence, and broader detection health monitoring are handled by more senior Detection Engineers. **Coverage Reasoning** + Within the scope of their assigned work, Detection Engineers are expected to understand how detections map to adversary behavior and available telemetry. They should be able to articulate what activity is detectable, what is not, and why. + Detection Engineers are not expected to own or maintain broader detection coverage models or prioritization decisions. **Collaboration and Communication** + Detection Engineers are expected to regularly present and explain their research and detection work to peers and partner teams. This includes participating in forums such as office hours and responding constructively to questions that surface gaps in understanding. + Detection Engineers interact with partner teams primarily to explain their research and detection work. They are not expected to independently drive cross-team processes or follow-up actions. When issues arise that require coordination beyond explanation or learning, Detection Engineers escalate to more experienced team members. + Detection Engineers participate in peer review as part of their development. This includes reviewing research and detection work authored by others under guidance, and applying feedback received during review to their own work. Peer review is treated as a learning activity rather than a gatekeeping function. Edward Jones' compensation and benefits package includes medical and prescription drug, dental, vision, voluntary benefits (such as accident, hospital indemnity, and critical illness), short- and long-term disability, basic life, and basic AD&D coverage. Short- and long-term disability, basic life, and basic AD&D coverage are provided at no cost to associates. Edward Jones offers a 401k retirement plan, and tax-advantaged accounts: health savings account, and flexible spending account. Edward Jones observes ten paid holidays and provides 15 days of vacation for new associates beginning on January 1 of each year, as well as sick time, personal days, and a paid day for volunteerism. Associates may be eligible for bonuses and profit sharing. All associates are eligible for the firm's Employee Assistance Program. For more information on the Benefits available to Edward Jones associates, please visit our benefits page (https://secure.edwardjonesbenefits.com/fleet/public/index/f914262d-0362-4682-bd1e-0ccd25f1dfb1) . **Hiring Minimum:** $99200 **Hiring Maximum:** $168900 Read More About Job Overview **Skills/Requirements** **What Experience You'll Need:** **Education and Learning Background** + Formal education in computer science, engineering, information security, or a related technical field may be helpful, but is not required. Equivalent experience gained through professional work, independent study, home lab environments, research projects, or other hands-on technical learning is equally valued. + Candidates may come from a variety of backgrounds, including but not limited to security operations, IT, systems administration, software engineering, academic study, or self-directed learning. **Technical Foundations** Candidates should demonstrate foundational understanding in several of the following areas: + Operating system fundamentals, such as process execution, authentication, logging, and system events. + Basic networking concepts, including common protocols and client-server interactions. + Familiarity with structured data and the ability to reason about logs or event records. + Exposure to querying or analyzing technical data using scripts, queries, or similar mechanisms. + Prior experience with specific security platforms or tools is not required. **Research and Learning Skills** + Candidates should demonstrate the ability to learn independently and engage with unfamiliar technical material. This includes: + Reading and understanding technical documentation, research write-ups, or specifications. + Reproducing described behavior in a lab, test environment, or conceptual model. + Documenting findings clearly in writing, with attention to technical detail and accuracy. + Experience producing written technical material is a strong signal. This can include reports, documentation, blogs, or project notes. **Communication and Collaboration** + Candidates should be comfortable explaining technical concepts to others and engaging in constructive discussion. This includes: + Asking questions when concepts are unclear. + Accepting feedback and incorporating it into subsequent work. + Explaining what they learned and how they approached a problem, both in writing and verbally. + Prior experience working in team-based technical environments is beneficial but not required. **Current INTERNAL home-based associates:** While this role is posted as hybrid, **if selected and accepted, you may retain your home-based status** . Edward Jones intends in good faith to continue offering the role as home-based, though future business or regulatory needs may require on-site work. ****Candidates that live within a commutable distance from our Tempe, AZ and St. Louis, MO home office locations are expected to work in the office four days per week effective June 1, 2026. Before June 1, 2026, candidates that live within a commutable distance from our Tempe, AZ and St. Louis, MO home office locations are expected to work in the office three days per week, with preference for Tuesday through Thursday.**** Read More About Skills/Requirements **Awards & Accolades** At Edward Jones, we are building a place where everyone feels like they belong. We're proud of our associates' contributions to the firm and the recognitions we have received. Check out our U.S. awards and accolades: Insights & Information Blog Postings about Edward Jones (https://careers.edwardjones.com/blog/?\_sft\_category=awards-accolades) Check out our Canadian awards and accolades: Insights & Information Blog Postings about Edward Jones (https://careers.edwardjones.com/en-CA/blogs/?\_sft\_category=awards-accolades-en-ca) Read More About Awards & Accolades **About Us** Join a financial services firm where your contributions are valued. Edward Jones is a Fortune 500¹ company where people come first. With over 9 million clients and 20,000 financial advisors across the U.S. and Canada, we're proud to be privately-owned, placing the focus on our clients rather than shareholder returns. Behind everything we do is our purpose: We partner for positive impact to improve the lives of our clients and colleagues, and together, better our communities and society. We are an innovative, flexible, and inclusive organization that attracts, develops, and inspires performance excellence and a sense of belonging. People are at the center of our partnership. Edward Jones associates are seen, heard, respected, and supported. This is what we believe makes us the best place to start or build your career. View our Purpose, Inclusion and Citizenship Report (https://careers.edwardjones.com/blog/edward-jones-releases-annual-purpose-inclusion-and-citizenship-report/?codes=DIRECT&utm\_source=DIRECT) . ¹Fortune 500, published June 2024, data as of December 2023. Compensation provided for using, not obtaining, the rating. Edward Jones does not discriminate on the basis of race, color, gender, religion, national origin, age, disability, sexual orientation, pregnancy, veteran status, genetic information or any other basis prohibited by applicable law. \#LI-HO