Senior Detection Engineer

About The Position

Requirements

• Bachelor's degree in a related discipline (e.g., Computer Science, Cybersecurity, Information Systems, Engineering, etc.) and 4 years of experience in a SOC related role
• Hands-On experience administering an enterprise level SIEM including maintaining large set of log parsers, correlation rules, and large-scale deployments
• Experience developing and maintaining detection content in EDR Platforms (CrowdStrike Carbon Black, SentinelOne, etc.)
• Experience using Python, PowerShell, or equivalent scripting language for SOAR automations or data source integrations for a SIEM
• Experience configuring or maintaining log collection pipelines and parsing log data in formats such as Syslog, JSON, XML, or CEF within SIEM or EDR platforms

Nice To Haves

• Experience with threat modeling complex applications and large environments
• Familiarity with the usage of REST API for automation or scripting
• Experience threat hunting attacker TTPs across endpoint and network telemetry
• Experience as a stakeholder with large enterprise cybersecurity projects
• Ability to perform independent analysis, distill relevant findings and root cause
• Ability to communicate complex ideas clearly and effectively using written and verbal communication
• Strong knowledge of network protocols, authentication mechanisms, network and endpoint preventative controls, and operating systems
• Maintains an industry certification such as: CISSP, GCIH, OSCP, CISM, etc.

Responsibilities

• Develop, validate, and operationalize monitoring of detection content for SIEM and EDR platforms
• Scope, design, develop and maintain SOAR automations
• Review and remediate alert false positives and SOC tuning requests
• Troubleshoot log parsing and detection logic in SIEM and EDR platforms
• Coordinate with and support work by third parties such as Managed Security Service Providers (MSSPs), professional service providers, and project managers
• Explore and assess potential log sources for investigative and/or detection relevance
• Participate and engage in purple team campaigns to enhance and develop detection use cases
• Contribute to Cyber Defense projects, meetings, and ad-hoc requests
• Assist training of SOC analysts on analysis techniques and detection methodologies
• Development and maintenance of SDE team policies and procedures

Benefits

• Flexibility to take as much vacation with pay as they deem consistent with their duties
• Seven paid holidays throughout the calendar year
• Up to 160 hours of paid wellness annually for their own wellness or that of family members
• Additional paid time off in the form of bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, and parental leave
• Health care insurance (medical, dental, vision)
• Retirement planning (401(k))
• Paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO)