Security Threat Detection Engineer

February 1

Apply Now
Logo of Cloud Security Services

Cloud Security Services

Zero Trust • Workforce Identity and Access Management • Customer Identity and Access Management • Data Security (Rest and In Motion) • Perimeter-less Security

2 - 10

Description

• Ideate, design, develop, test, monitor, and tune high-quality detections to ensure security analysts have the ability to respond to security threats • Write complete and well-documented alerting and detection strategies to ensure the security analysts and incident responders have the necessary context and runbooks to respond to detections • Build, maintain, and improve custom detection and alerting solutions, or work with existing commercial tools to ensure they are tuned properly to meet detection coverage needs • Act as a subject matter expert for security-relevant logs and data to assist Incident Response team during high-priority investigations • Collaborate with Threat Intelligence team to ensure detections have a meaningful impact on improving security posture

Requirements

• 1 – 3 years experience with hands-on experience with full-lifecycle detection engineering in support of a security operations team • Experience as a Security Operations Analyst or Incident Responder • Comfortability operating in Splunk or other common SIEM and SOAR solutions • Technical depth in one or more of the following specialties: application security, cloud security, digital forensics, malware analysis, threat hunting, incident response or some combination thereof • Familiarity with SQL, relational databases, and data warehousing • Basic Python (or other scripting language) experience in order to automate tasks within case management and CI/CD environment • Experience with defining, collecting, and analyzing various metrics that exhibit the purpose and success of a maturing Detection Engineering program (i.e. MITRE ATT&CK coverage) • Demonstrated knowledge of threat actor techniques, vulnerabilities, and exploits, and how those present themselves within logs and various endpoint/network artifacts • Excellent communication and collaboration skills • Ability to work with a high degree of autonomy • Excellent analytical skills • Collaborative team worker – both in person and virtually using WebEx or similar • Excellent documentation skills; demonstrated proficiency in Microsoft Office including Word, Excel, and PowerPoint • Ability to work as liaison between business and information security / information technology • Flexibility to accommodate working across different time zones • Excellent interpersonal communication skills with strong spoken and written English • Business outcomes mindset • Solid balance of strategic thinking with detail orientation • Self-starter, ability to take initiative • Project management and organizational skills with attention to detail

Benefits

• 6-month remote opportunity • Competitive salary and benefits package • Opportunity to work with cutting-edge technologies and industry-leading solutions • Equal opportunity employer • Flexible work hours • Training and certification programs • Collaborative and inclusive work environment

Apply Now
Built by Lior Neu-ner. I'd love to hear your feedback — Get in touch via DM or lior@remoterocketship.com