ID 1718 – Detection Engineer

Remote

About Us

We are engineering a disruptive security product that delivers continuous validation of your enterprise security program, so you can find the gaps, strengthen your security posture and exercise your incident response capabilities.
We work with top companies around the world, whose products or services you almost certainly use on a daily basis. We meet their needs by helping them validate their cybersecurity-related assumptions.

How do we do it?
At the core of our values at our company is the ability to challenge ideas and engage in thoughtful discourse. We have created an environment where every employee is well respected and where anyone can be respectfully challenged regardless of their position.
Our work environment is joyful while we hold ourselves to high standards. We like to be surrounded by amazing peers from whom we can learn. We like to joke, we like to learn, we take ownership and we take pride in our work. We also like to play ping pong!

Who are you?
You are a passionate person. You are not only a dedicated individual contributor but also a team player. You demonstrate a genuine interest in understanding why you are working on something, and you are able to respectfully challenge any decision in pursuit of a solution to engineering and customer problems.
You do not feel comfortable working as one link in a supply chain, and you are eager to get involved in anything that could tangentially impact your work.
You are used to getting things done and you are confident in your skills, but you are still humble, able to accept criticism and follow guidelines.

Your mission
As a detection engineer you will:
– Identify, understand, and outline how security control vendors respond to cyber attacks.
– Serve as a subject matter expert for challenges other teams face regarding security controls.
– Work with the multiple engineering teams to optimize the security control experience inside the platform.
– Deploy and maintain security controls, with the engineering teams as your main clients.
– Keep track of how new versions of the security controls affect existing capabilities.
– Meet with security control vendors and customers to understand their needs and requests.

Requirements
– 8+ years of experience working in cybersecurity operations (CSOC, SOC, CIRT, CSIRT) in enterprise environments, or equivalent.
– Proficient English communication skills.
– Good knowledge of Azure security products. Ideally: Security Center, Azure Sentinel and Activity logs.
– Good knowledge of Microsoft security products. Ideally: Office 365, Cloud App Security and Microsoft Defender for Endpoint.
– Strong knowledge of SIEMs (writing log parsers, normalizing logs, creating correlation rules, etc.) handling more than 25K EPS.
– Strong knowledge of at least 2 cloud service providers (deploying and configuring native cloud security controls, etc.).
– Preference, in order: Azure, VMware, Google, AWS.
– Good knowledge of at least one of:
– EDR technologies.
– Network security technologies (Fortinet and Cisco Firepower).
– Email security technologies (Proofpoint Enterprise, etc.).
– Experience developing in Python.

Highly Desired
– Experience doing threat hunting / incident response.
– Experience with IaC (Terraform, Ansible).
– Experience with the MITRE ATT&CK framework.
– Experience in blue/purple teaming.


Apply


CONEXIONHR – All rights reserved. Developed by Socialbits.net