Cybersecurity Detection Engineer

Job Description

Develop and refine detection techniques to identify malicious activities and security breaches.

Analyze descriptions of IOCs and design effective searches to detect these activities in large data sets.

Create and maintain detection content, ensuring it is up-to-date with the latest threat intelligence.

Collaborate with threat hunters to continuously improve detection capabilities.

Utilize advanced Splunk query skills to develop and run complex searches and analyze security data.

Ensure the accuracy and efficiency of detection mechanisms to reduce false positives and improve response times.

Requirements:

Proven experience as a Detection Engineer, with a strong emphasis on detection engineering as a primary job function.

In-depth knowledge of threat hunting methodologies and experience working as a threat hunter.

Expertise in Splunk, including the ability to create and optimize complex queries independently.

Demonstrated ability to analyze and interpret various data sets to identify suspicious activities.

Strong understanding of cyber security threats, vulnerabilities, and attack vectors.

Ability to work independently and collaboratively within a team environment.

Preferred Qualifications:

Certifications related to cyber security and detection engineering (e.g., GIAC Certified Detection Analyst, Splunk Certified User).

Experience in a Security Operations Center (SOC) environment, specifically in a detection engineering role.

Familiarity with other security information and event management (SIEM) tools and technologies.

Note: This position is not an entry-level role. We require candidates with substantial experience in detection engineering, not just occasional detection creation as part of a SOC analyst role.Company Description

IT Professional Services Firm focused on Information Communications Technologies -

Full-time