Salary: $80,000.00 - $100,000.00 Annually
Location: Richland County, SC
Job Type: FTE - Full-Time
Job Number: 25-110
Agency: State Law Enforcement Division (SLED)
Division: Information Technology & Security
Opening Date: 08/25/2025
Closing Date: 9/7/2025 11:59 PM Eastern
Residency Requirement: No
Class Code: AM82
Position Number: 61151679
Normal Work Schedule: Monday - Friday (8:30 - 5:00)
Normal Work Schedule (Other): This position participates in an on-call status.
Pay Grade: TEC07
Hiring Range - Min.: $80,000.00
Hiring Range - Max.: $100,000.00
EEO Statement: Equal Opportunity Employer
Agency Specific Application Procedures: All applicants must complete the on-line State application to include all current and previous work history and education. A resume will not be accepted in lieu of a completed application, nor will it be used to determine if an applicant has met the qualifications for the position.
Veteran Preference Statement: South Carolina is making our Veterans a priority for employment in state agencies and institutions.
Job Responsibilities
About SLED
The South Carolina Law Enforcement Division (SLED) is a premier statewide law enforcement agency dedicated to serving and protecting the citizens of South Carolina. With a proud history rooted in integrity, professionalism, and public service, SLED is committed to providing high-quality investigative, intelligence, and forensic services to support law enforcement agencies across the state.
At SLED, we value dedication, ethical conduct, accountability, and a strong commitment to justice. Our agency plays a vital role in maintaining public safety and supporting criminal justice efforts at the local, state, and federal levels. From advanced forensic science to homeland security, criminal investigations, and criminal justice information systems, SLED's diverse responsibilities make it one of the most dynamic law enforcement agencies in the state.
We foster a professional work environment where teamwork, respect, and continuous improvement are fundamental. Our employees are held to the highest standards and are given opportunities to grow within a mission-driven organization that makes a meaningful difference in South Carolina communities.
Learn more about why you should join our team at
General Responsibility
The Detection Engineer is responsible for designing and implementing custom detection rules within SLED's systems to proactively identify and mitigate emerging cyber threats. By collaborating with threat intelligence analysts, the Detection Engineer ensures that detection mechanisms are aligned with current threat landscapes, tactics, and procedures, minimizing visibility gaps and enhancing the organization's security posture. Additionally, this role involves supporting external organizations through South Carolina Critical Infrastructure Cybersecurity (SC CIC) membership by sharing and tailoring detection rules to their environments.
Specific Duties
- Design and implement tailored detection rules to identify and counter emerging cyber threats, ensuring comprehensive coverage of the organization's attack surface.
- Collaborate with SC CIC threat intelligence team to integrate the latest threat intelligence into detection strategies, updating rules to reflect current adversary tactics, techniques, and procedures.
- Assist external partners and organizations by creating and sharing detection rules, providing clear guidance and explanations to facilitate effective implementation.
- Proactively analyze security data and logs within EDR, NDR, and SIEM systems to identify potential threats or anomalies that may not yet be caught by existing detection rules, contributing to proactive threat hunting initiatives.
- Configure and integrate security tools within the SOC environment to streamline detection workflows, leveraging automation to improve efficiency in rule deployment, log correlation, and alert triage.
- Maintain detailed documentation of detection rules, their purpose, and associated threat intelligence, while also generating reports to communicate rule performance, coverage gaps, and recommendations to SOC leadership and stakeholders.
Minimum and Additional Requirements
- A bachelor's degree in a related field or at least four years of relevant work experience in the areas of information technology, information security, and risk management.
- Must have a strong knowledge of cybersecurity concepts and operations.
- Must have a comprehensive understanding of the Windows Operating System, Windows Internals, Active Directory, and Networking Concepts in order to detect anomalous activity and write detections.
- Must have experience with writing detections in Yara, Suricata, Zeek, and Kusto Query Language (KQL), or Endpoint Detection and Response (EDR), or Security Information and Event Management (SIEM) platforms.
- Must have the ability to mentor mid-level positions in Information Security.
- Must have excellent problem-solving skills and both written and verbal communication skills.
- This position will require participation in an on-call status and may require response after-hours to incidents.
- This position is subject to travel statewide, including some overnight travel.
- This position is on-site in Columbia, SC.
Additional Comments
South Carolina Law Enforcement Division (SLED) is committed to providing equal employment opportunities to all applicants and does not discriminate on the basis of race, color, religion, sex (including pregnancy, childbirth, or related medical conditions, including, but not limited to, lactation), national origin, age (40 or older), disability or genetic information.
SLED offers an exceptional benefits package for FTE positions that includes:
- Health, Dental, Vision, Long Term Disability, and Life Insurance for Employee, Spouse, and Children
- 15 days annual (vacation) leave per year
- 15 days sick leave per year
- 13 paid holidays
- Paid Parental Leave
- State Retirement Plan and Deferred Compensation Programs
Supplemental questions are considered part of the official application. Any misrepresentation of yourself may be grounds for disqualification.
Conditional selection based on candidate education, training, experience, oral interviews and clearance of background investigation.
Benefits for State Employees
The state of South Carolina offers eligible employees generous benefits, including health and dental insurance; retirement and savings plan options; and paid vacation and sick leave. Plus, work-life balance programs such as telecommuting and flexible work schedules are available to employees of some state agencies.
Insurance Benefits
Eligible employees may enroll in health insurance, which includes prescription coverage and wellness benefits. Other available insurance benefits include dental, vision, term life insurance, long term disability and flexible spending accounts for health and child care expenses.
Retirement Benefits
State employees are also offered retirement plan options, including defined benefit and defined contribution plans. Additionally, eligible employees may elect to participate in the South Carolina Deferred Compensation Program, which is a voluntary, supplemental retirement savings plan offering 401(k) and 457 plan options.
Workplace Benefits
State employees may also be eligible for other benefits, including tuition assistance; holiday, annual and sick leave; and discounts on purchases, travel and more.
Note: The benefits above are available to most state employees, with the exception of those in temporary positions. Employees in temporary grant and time-limited positions may be eligible for all, some or none of these benefits as benefits are associated with each position type. For these positions, contact the hiring agency to determine what benefits may be available.
01. Do you have a bachelor's degree in an information technology related field or at least four (4) years of experience in the areas of information technology, information security, and risk management?
02. Please describe your experience using Windows Operating System, Windows Internals, Active Directory, and Networking Concepts to detect anomalous activity and write detections.
03. Please describe your experience with writing detections in Yara, Suricata, Zeek, and Kusto Query Language (KQL), or Endpoint Detection and Response (EDR), or Security Information and Event Management (SIEM) platforms.
04. I understand that this position is subject to on-call status and may require statewide and overnight travel.
05. As part of the application process, are you willing to submit to a background investigation to include: a criminal history check, driving record, history of drug use, employer and personal reference checks?
06. Have you ever used/experimented with any illegal drugs? If yes, provide name of drug and last date used.
07. Have you ever purchased or sold any illegal drugs? If yes, provide name of drug and date of action.
08. As a condition of employment, I understand that all sworn and non-sworn employees, including contract and temporary employees will be subject to random drug testing.
09. I understand that these supplemental questions are an official part of this application. Any attempt to misrepresent myself may be grounds for disqualification.
10. I have read each question carefully and affirm or attest that all questions answered are true and correct?
11. Will you need reasonable accommodations to participate in the selection procedures (e.g., interview, written tests, or job demonstrations)? If yes, contact the human resources office of the S.C. Law Enforcement Division.
12. How did you learn about this career opportunity? (Careers.SC.Gov; LinkedIn; Employee Referral; Career Fair; Direct E-Mail; Etc.) Please specify below.