Senior Detection Engineer

November 12

Apply Now

Receive Emails with Similar Jobs

Red Canary

WebsiteLinkedInAll Job Openings

Threat Detection • Endpoint Detection & Response • Endpoint Security • Managed Security • Threat Hunting

201 - 500 employees

Founded 2017

🔒 Cybersecurity

🔐 Security

Description

• Who We Are • Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber threats. • We’re a cyber security company who protects, supports and empowers organizations to make better security decisions so they can focus on their mission without fear of cyber threats. • The combination of our market-defining technology and expertise prevents breaches every day and sets a new standard for partnership in the industry. • We’re united in our commitment to customers and grounded in our values, which earned us a place on the Forbes Best Start-up Employers 2022 list. • If our mission resonates with you, let’s talk. • What We Believe In • Do what’s right for the customer • Be kind and authentic • Deliver great quality • Be relentless • Challenges You Will Solve • The Cyber Incident Response Team (CIRT) continues to push the boundaries of threat detection and response with a unique combination of operations, threat research, and engineering in tight integration with the development team that designs our analysis platform and the Red Canary Threat Detection Engine. • The security landscape is always shifting and introducing new adversaries. • The Red Canary CIRT operates 24/7 to track down threats using the entirety of our customer’s data and deliver fast and practical detections to our customers. • This is not a role where you are encouraged to passively accept the current state. • At Red Canary, you are empowered to actively look for opportunities to automate repetitive and tedious tasks. • We let the automation framework handle the mundane tasks, so that you can remain focused on solving complex and critical problems for our customers.

Requirements

• Analysis experience and proficiency in one or more of the following functional areas: Endpoint (MDR), Cloud/SaaS, Identity, Email, SIEM • Proven experience with automation and orchestration to effectively handle an extreme volume of telemetry and logs in a timely and efficient manner • Strong written communication skills, and abilities to work in a team-centric environment • Strong analytical thought-process and critical thinking skills to translate disparate activity into the realm of threat analysis • Open-source intelligence research skills used in a fast-paced operational environment, and the ability to apply those findings within the analytical workflow to identify threats • Experience leveraging Mitre ATT&CK framework, and familiarity with other alternative attack frameworks and threat models • Familiarity with backend data structures used for security analysis (JSON, YAML, etc.) • Experience using query languages and understanding syntax across EDR or other security platforms (SQL, K, Lucene, etc.) • Experience creating and tuning detectors/rules using commonly known tools such as YARA, SIGMA, Snort, Splunk, Elastic, etc.

Benefits

• 100% Paid Premiums: Red Canary offers a 100% paid plan option for medical, dental and vision for you and your dependents. No waiting period. • Health & Wellness - Access to mental health services, Employee Assistance Program and additional programs to incentivize healthy habits. • Fertility Benefits: All new hires are eligible for benefits as of their first day. • Flexible Time Off: Take the time you need to recharge including vacation, sick, bereavement, jury duty, and holidays. • Paid Parental Leave- Full base pay to bond/care for your new child. • Pre-Tax Plans - Red Canary offers a variety of plans to fit you and your dependent specific needs including FSA, HRA and HSA, with employer funding to offset out of pocket health care expenses. • Flexible Work Environment- With 60% remote workforce, Canaries can work virtually from almost anywhere in the US.