Overview
Our client is seeking a curious and motivated Senior Threat Detection & Response Engineer to build state-of-the-art threat detection, investigation and response (TDIR) capabilities.
This role will work with enterprise clients, and internally, to perform threat-informed detection engineering and threat research, implement security data lakes, SIEM and data pipelines strategies and transform response with SOAR and AI-SOC tooling.
You will have the opportunity to shape everything from our technical architecture and services to our company culture, while working on innovative detection engineering challenges.
Core Requirements
* 5+ years in cybersecurity, 3+ years focused on detection engineering
* Proven ability to operationalize threat intelligence into actionable, high-fidelity detections
* Demonstrable experience with detection-as-code using multiple detection languages - SPL, KQL, YARA-L, Sigma, CoreTIDE, YAML
* Proficient with Python, Git / GitHub and developing security tooling integrations and automations
* Hands-on experience of Splunk Cloud, Enterprise Security and SOAR
* Deep understanding of MITRE ATT&CK and how to apply it practically
* Familiarity with offensive security concepts, attacker tradecraft or incident response
* Excellent technical writing and documentation skills
* Comfortable presenting to technical and non-technical audiences
Preferred Requirements
* Experience architecting TDIR platforms or leading detection engineering initiatives
* Expertise with multiple SIEM platforms such as Google SecOps and MS Sentinel
* Experience using security data lakes and pipelines such as Cribl, Snowflake, Databricks
* Splunk Certified Architect (or Enterprise Security Admin)
Bonus Points
* Track record of thought leadership and infosec community contributions (conference talks, blog posts, open source)
* Red team/penetration testing experience
* Deep cloud security knowledge (AWS/Azure/GCP)
* Kubernetes/container security knowledge
* Other security certifications (GIAC, HTB CAPE, PNPT, GCP/WS/Azure Security)
#J-18808-Ljbffr