Detection Engineer

Ampcus, Jacksonville, FL

About The Position

Ampcus Inc. is a certified global provider of a broad range of Technology and Business consulting services. We are in search of a highly motivated candidate to join our talented Team.

Requirements

  • Bachelor's degree in computer science/information systems or the equivalent combination of education, training, or work experience.
  • GSEC, GCIH, CISSP or other security or network certifications desired.
  • Typically requires two or more years of experience with cloud-native data platforms, event streaming and analytic engines.
  • Knowledge of network design and data flow/pipelines.
  • Strong understanding of security data lakes, SIEM, EDR, and interacting with SOAR.
  • Expert proficiency with programming/scripting languages and query languages (Python, R, PowerShell, SQL/KQL/LQL).
  • Adaptability to new languages and technologies.
  • Clean and thoughtful documentation to enable knowledge sharing and reference materials.
  • Agile project development methodologies and incident case management experience.
  • Familiarity with 'detection-as-code' and implementing CI/CD in detection engineering.
  • Ability to identify untapped value, while also possessing a 'consumer-first' mindset to build outstanding security content.
  • In-depth knowledge of security technologies (encryption, data protection, design, privileged access, etc.).
  • Exploratory mindset, ownership, time management, presentation and organizational skills.
  • Passion for securing the mission, continuous learning and a growth mindset.

Responsibilities

  • Develop custom detection logic across SIEM, EDR, and other security tooling within a cutting-edge technology stack.
  • Leverage threat modeling, detection engineering frameworks, and other creative methods to produce high-fidelity, investigation-worthy alerting.
  • Work closely with cross-functional teams to create tailored, purpose-built security content.
  • Lead technical knowledge sharing sessions to empower other teammates and stay at the forefront of content development and beyond.
  • Possess a 'detection-as-code' mindset to drive security content that is confidently deployed, continuously tested, and expertly tuned.
  • Be immersed in our technology stack and logging to deliver solutions that push the boundaries of our security capabilities.
  • Stay current with the latest detection engineering techniques, threat tactics, and the industry knowledge base.
  • Shape the future of our data science and advanced analytic efforts.
© 2024 Teal Labs, Inc