Software Engineering • Information Security/Cyber Security • Enterprise Architecture • Cloud Engineering • Agile
51 - 200
September 18
• Create high-fidelity, actionable alerts using new and existing data sources for quick and effective threat identification, analysis, and eradication
• Identify opportunities to improve the effectiveness of existing detection efforts
• Develop methodologies to maintain and maximize the integrity and effectiveness of existing alerting
• Create, periodically review, test, and validate custom detection content
• Leverage cybersecurity threat intelligence to defend against real-world threats
• Collaborate with the SOC’s incident response teams to meet operational needs
• Stay familiar with adversary Tactics, Techniques, and Procedures (TTPs)
• At least one of the following certifications: Splunk Enterprise Security Certified Admin credential
• Passed AZ-500 Microsoft Azure Security Technologies exam
• Minimum 3 years of experience in detection engineering, threat hunting, security operations, or incident response using Splunk Enterprise Security or Microsoft Sentinel
• Experience with adding, updating, and deleting detection rules in Splunk Enterprise Security and Microsoft Sentinel
• Proficiency in detection engineering methodologies, including SNORT and YARA rules
• Proficiency in Python programming, Bash, and PowerShell
• Proficiency in Splunk’s Search Processing Language, React, Kusto Query Language, and the Common Information Model (CIM)
• Knowledge and experience in leveraging cybersecurity threat intelligence, indicators of compromise, STIX/TAXII data feeds, MITRE ATT&CK, and SIEM integrations
• Strong experience in networking principles, operating systems (Linux / Windows), and security tools such as IDS/IPS, firewalls, proxy servers, and Endpoint Detection and Response (EDR)
• Knowledge of Windows Sysinternals Suite (including Sysmon), Unix auditd, and how to tune configuration files for identification of malicious activity
September 17
11 - 50
Security Engineer for Agoric's decentralized smart contract platform.
🇺🇸 United States – Remote
💰 $32M Initial Coin Offering on 2021-11
⏳ Contract/Temporary
🟡 Mid-level
🟠 Senior
👮♂️ Security Engineer
September 6
Facilitate online cybersecurity classes at Flatiron School, mentoring learners.
August 29
2 - 10
Cloud Security Services seeks a Consultant for Threat Intelligence to evaluate cyber threats.
March 21
51 - 200