Senior Threat Detection Engineer

ADP, Roseland, NJ
Hybrid

About The Position

ADP is hiring a Threat Detection Engineer in our Roseland, NJ office. This is a HYBRID role. In this role, you will work with Global Security teams from the Critical Incident Response Center (CIRC), Threat Intelligence, Threat Hunting, Red Team, and AppDev to create and drive threat detection that protects ADP assets. You will help lead efforts to design, define, and create requirements for developing prevention, detection, and response capabilities within ADP cybersecurity platforms. You will collaborate with other Detection Engineers to design, build, and maintain cyber alert catalogs. You are keen on promoting the use of innovative new technology and best practices for evolving security objectives. You can present your ideas clearly and professionally on paper, in person, on video calls, and over the phone. You have solid experience analyzing and defining solutions, maintaining and enhancing existing solutions, and participating in the delivery of projects. You enjoy brainstorming new concepts and collaborating with your team members. You can work with partners in IT, Ops, and Engineering to provide support for troubleshooting production issues. Our best engineers are enthusiastic creators who stay current on new ways of optimizing threat detections and processes and enhancing business intelligence automation. They are always looking for new ways to improve detection quality. To thrive as a threat detection engineer, you'll need to enjoy SOAR development and coding in Python and SQL. You'll need an understanding of how to leverage APIs to pull and push data from different data sources and update records in the SOAR platform.

Requirements

  • 3-5 years of experience in threat detection or threat hunting
  • Strong analytical skills and cross-functional knowledge across multiple security disciplines
  • Strong interpersonal, verbal presentation, and written communication skills
  • Strong knowledge and working experience with databases and data warehouse technologies and solutions
  • Strong working experience with systems automation in a major scripting language (Python, PowerShell)
  • Strong experience building detection logic utilizing security logs to detect malicious activity with high fidelity across a broad set of detection use cases
  • Strong project/program management experience
  • Working experience with one or more cloud providers, such as Amazon Web Services or Microsoft Azure
  • Familiar with interpreting the log output of a wide selection of network and host device classes (HIDS, NIDS, firewalls, proxies, routers, switches, WAFs, servers, desktop controls, endpoint protection, etc.)
  • Functional experience with text and data representation and manipulation (XML, HTML, regular expressions, JSON, REST, SQL)
  • Packet-level behavioral familiarity with most major TCP/IP application protocols (DNS, SMTP, HTTP, BGP, LDAP, IMAP, SSH, FTP, KRB5, DHCP, CIFS)
  • Experience working with SIEM and SOAR
  • Creative thinker who leverages unconventional and innovative ideas to solve problems
  • Ability to communicate security-related concepts to a broad range of technical and non-technical staff
  • Must possess a high degree of integrity, be trustworthy, and have the ability to work independently

Responsibilities

  • Develop advanced alerting capabilities based on threat intelligence, post-incident findings, new threats, and vulnerabilities
  • Maintain an expert-level understanding of attacks, vectors, and emergent threats
  • Develop new detections for our SOAR platform based on specific requests from stakeholders, threat intelligence, threat hunting, or purple team exercises
  • Collaborate regularly with our CIRC and threat management teams to understand their requirements and needs
  • Experience with creating and implementing content in EDR, NDR, and SOAR
  • Stay updated on the latest threats and remain familiar with APT groups and common TTPs to integrate that knowledge into new detections
  • Contribute to the development and updating of SOPs
  • Ability to provide content on deliverables, including written reports and technical documents, SOPs and configuration guides, and training and briefing materials
  • Work closely with the CIRC, threat management team, and engineering teams to improve and build new tailored security detections
  • Analyze CIRC alert statistics and workflows to reduce false positives and properly focus engineering efforts
  • Provide design support on ways to improve detection and response capabilities
  • Provide backup support to the CIRC team when necessary
  • Help mature CIRC playbooks, workflow automation, and use cases to protect ADP assets
  • Build detection logic utilizing security logs to detect malicious activity with high fidelity across a broad set of cyber detection use cases
  • Act as a subject matter expert in multiple areas: security log signals from Linux, macOS, Windows, EDR, NDR, and cloud

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Education Level

No Education Listed

Number of Employees

5,001-10,000 employees

© 2024 Teal Labs, Inc