Sr. Detection Engineer

About The Position

Requirements

• Bachelor’s degree or 4 year degree in Computer Science, Engineering, Math or Physical Science.
• Minimum 8 years of information security technology experience
• Expert, progressive experience with Malware analysis and reverse engineering
• Proven expert experience in creating detections to detect advanced threats in an environment
• Expert knowledge of network monitoring and network exploitation techniques
• Expert experience in responding to malicious threats coming from various sources
• Expert proficiency with Networking and security concepts
• Expert proficiency with Windows, Linux/Unix and MacOperating Systems and Cloud environment structures, analytical process of each, and knowledge on common malware tactics for each of these.
• Expert experience with the incident response process and how they triage alerts
• Proven advanced analytical skills across various technologies
• Ability to work within a team environment as well as independently
• Effective communication skills to speak and write for all technology experience levels.
• Effective interpersonal skills, able to comfortably present to peers, coworkers, and customers
• A propensity for continued development of skills though research and training
• Background and drug screen.

Nice To Haves

• Additional related education, certifications and/or experience is beneficial
• Working experience in cloud technology security

Responsibilities

• Continuous validation of detections and identification of gaps to ensure comprehensive coverage based on the industry standards (MITRE)
• Solves logging problems by optimization of current logs and onboarding new logs to ensure a logging standard are met
• Impacts the CSIRTS team to be able to respond to threats by creating, tuning and testing high fidelity rules for our SIEM platform
• Actively hunt for APT Tactics, Techniques and Procedures
• Classify/categorize hunting use cases based on MTRE ATT&CK framework and cyber kill chain
• Work with incident detection, incident response, cyber threat intelligence, and other teams to coordinate and create remediation plans
• Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of detecting threats.
• Performs the tracking of malicious threats and groups and their tactics and procedures used
• Performs complex analysis of potentially malicious activities and software
• Performs network/system/application/log intrusion detection analysis and trends
• Maintains awareness of trends in security, regulatory, technology, and operational requirements
• Maintains awareness of the current threat landscape, including adversary tactics, techniques, and procedures.
• Maps attacks to well-known APT groups and reports to leadership ongoing threats and threat landscape of Early Warning Systems
• Represents the Security team at internal and external cybersecurity forums
• Document and update processes and procedures
• Ensures the company's commitment to protect the integrity and confidentiality of systems and data.

Benefits

• Competitive medical (PPO/HDHP), dental, and vision plans as well as company contributions to your Health Savings Account (HSA) or pre-tax savings through flexible spending accounts (FSA) for commuting, health & dependent care expenses.
• 401(k) Retirement Plan – Featuring a 100% Company Safe Harbor Match on your first 6% deferral immediately upon eligibility.
• Flexible Time Off for Exempt (salaried) employees, as well as generous PTO for Non-Exempt (hourly) employees, plus 11 paid company holidays and a paid volunteer day.
• 12 weeks of Paid Parental Leave
• Maven Family Planning – provides support through your Parenting journey including egg freezing, fertility, adoption, surrogacy, pregnancy, postpartum, early pediatrics, and returning to work.