Cyber Security Detection Engineer

We are seeking a skilled Cyber Security Detection Engineer to join our team. The ideal candidate will have a strong background in security detection engineering, with proficiency in Splunk and KQL query writing. This role requires a hands-on approach to simulating threat actor tactics, techniques, and procedures (TTPs) in a lab environment based on best practices and the latest threat intelligence research.

Key Accountabilities:

• Design, implement, and maintain security detection mechanisms using Splunk and KQL.
• Simulate threat actor TTPs in a lab environment to validate detection capabilities.
• Collaborate with threat intelligence teams to stay updated on emerging threats and best practices.
• Develop and execute detection use cases to identify potential security incidents.
• Analyze security events and alerts to determine severity and potential impact.
• Provide recommendations for improving detection and response strategies.
• Assist in the administration of SIEM platforms, particularly Splunk and Microsoft Sentinel.

Requirements:

• At least 5 years of relevant experience.
• Experience in a SOC environment (preferably).
• Proficiency in Splunk and KQL query writing.
• Strong understanding of threat actor TTPs and experience in simulating them in a controlled environment.
• Offensive security knowledge is a plus, with relevant certifications such as OSCP, CPTS, PNPT, ePPT, or ePTX.
• Experience with SIEM administration, particularly with Splunk and Sentinel.
• Excellent analytical and problem-solving skills.
• Strong communication and teamwork abilities.

If you are passionate about cyber security and have the skills to protect our organization from emerging threats, we encourage you to apply.