Detection Security Engineer, Threat Detection & Monitoring

The Detection Security Engineer role is a technical role focused on developing and maintaining customer's threat detection and monitoring content library. This role will serve as a technical subject matter expert on the cyber threat landscape, attacker tactics and techniques and actively contribute to the threat detection content development lifecycle. This role will perform advanced data analysis, work closely with the Incident Response team (customer) and application owners.

Responsibilities

• Providing technical expertise and assistance coordinating defensive toolset engineering, including content creation, tuning, expansion of defensive platforms, and implementation of new controls.
• Assisting with the QA process for monitoring detection content events, including identification of root cause and remediation.
• Participating in internally and externally led Purple Team exercises.
• Maintaining a functional understanding of modern defensive cybersecurity controls functionality and limitations, including the latest defensive technologies and techniques.
• Contributing to program development and expansion initiatives by providing input into strategic direction based on subject matter expertise and an understanding of evolving threats.
• Serving as a subject matter expert across multiple security domains and providing recommendations for both tactical and strategic program enhancements.
• Collaborating with specialists and analysts to actively contribute to risk reduction efforts, including but not limited to assessments and in-depth research and analysis of threats.
• Providing recommendations and influencing decisions made by leadership for improving program maturity.
• Applying a broad range of security knowledge and experience to complex issues and projects.

Basic Qualifications

• Hands-on knowledge of web applications, diverse operating systems, networking protocols, systems administration, and security technologies.
• Strong knowledge and application of cyber security terminology and concepts, and advanced understanding of the cyber threat landscape and attack vectors
• Thorough understanding of the MITRE ATT&CK framework and its practical applications.
• Familiarity with performing data analysis using a modern SIEM.
• Willingness to be available, as needed, for critical and major security issues.
• Demonstrated subject matter expertise across multiple cybersecurity capabilities.
• Ability to author technical documentation and perform quality assurance reviews of documents created by peers.
• Regularly collaborate with peers as well as business and IT stakeholders in support of daily activities.
• Ability to execute autonomously, contributes to decisions based on specialized knowledge.
• Demonstrated critical thinking, problem-solving, and analytical skills; investigates, defines, and resolves critical issues.
• Demonstrated cross-collaboration skills through an ability to coordinate the execution of operations and response activities across technical and business resources.
• Ability to successfully interact with non-technical in-business contacts.
• Strong organization skills with attention to detail.
• Strong written and verbal communication skills with a high level of professionalism.
• Ability to work independently and effectively as part of a team.
• Education & Experience - Minimum of one of the following:

o No college degree and X0+ years of IT experience with X+ years in a specialized information security role o Bachelor's Degree in computer science or related technical field and X+ years of IT experience o Bachelor's Degree in computer science or related technical field and X+ years of specialized information security experience o Master's Degree in computer science or related technical field and X+ years of specialized information security experience Apply tot his job Apply To this Job