Cyber Threat Detection Engineer (E4-E5)

Remote (United States); Remote (Melbourne, AU); Remote (Sydney, AU)


About Rearc

At Rearc, we're committed to empowering engineers to build awesome products and experiences. Success as a business hinges on our people's ability to think freely, challenge the status quo, and speak up about alternative problem-solving approaches. If you're an engineer driven by the desire to solve problems and make a difference, you're in the right place!

Our approach is simple — empower engineers with the best tools possible to make an impact within their industry.

We're on the lookout for engineers who thrive on ownership and freedom, possessing not just technical prowess, but also exceptional leadership skills. Our ideal candidates are hands-on-keyboard leaders who don't just talk the talk but also walk the walk, designing and building solutions that push the boundaries of cloud computing.

Founded in 2016, we pride ourselves on fostering an environment where creativity flourishes, bureaucracy is non-existent, and individuals are encouraged to challenge the status quo. We're not just a company; we're a community of problem-solvers dedicated to improving the lives of fellow software engineers.

Our commitment is simple: finding the right fit for our team and cultivating a desire to make things better. If you're a cloud professional intrigued by our problem space and eager to make a difference, you've come to the right place. Join us, and let's solve problems together!

What You Bring

  • Enthusiasm about developing and evangelizing services in the cyber space.

  • Strong cloud, security, SIEM and data engineering fundamentals.

What You'll Do

  • Utilize NDR, EDR, real-time streaming, and SIEM technologies to develop robust threat detection capabilities.

  • Build and optimize detection rules leveraging real-time data streaming to enhance detection accuracy.

  • Design enrichment pipelines and automation workflows to enhance the precision of threat detections.

  • Develop correlation logic and automated processes to create high-fidelity threat alerts.

  • Maintain availability, compliance, and recoverability of customer Data Analytics solutions, including SOPs, data onboarding, normalization, enrichment, and system maintenance.

  • Create and maintain playbooks for incident triage and response.

  • Align detection content with customer-specific Use Case Frameworks and provide metrics on cybersecurity threats impacting their environment.

  • Collaborate with the customer’s Enterprise Cybersecurity DART team to enhance Security Orchestration, Automation, and Response (SOAR) functionality.

  • Support and create dashboards for Enterprise Cybersecurity, Information Technology (IT), and Operational Technology (OT) teams.

  • Stay continually aware of emerging cybersecurity threats and trends, adapting detection strategies as needed.

  • Work closely with customer teams, including Cybersecurity Operations Center (CSOC), Operational Technology (OT), and Incident Response (IR) teams, to ensure detections are actionable and relevant.

  • Provide feedback to improve the customer's Use Case Framework and overall security monitoring strategy.

In this role, you will combine technical expertise with continual situational awareness of emerging threats, driving client success while staying at the cutting edge of cyber security innovations.

Qualifications


  • 6+ years of experience in Cybersecurity with a focus on:

    • Log streaming

    • Cybersecurity data lakes and data warehousing

    • SOAR engineering

    • SIEM engineering, administration, architecture, and operations

    • Data science, statistical analysis, and threat detection development

    • Integrating disparate IT, OT, and business applications into SIEM systems

  • Bachelor's degree in Management Information Systems, Computer Science, or a related field

  • A strong passion for Cybersecurity and a commitment to staying current with industry trends, best practices, and tools

  • Proven experience in documenting, socializing, and operationalizing Cybersecurity technologies and processes

  • Prior programming experience in Python, Golang, or PowerShell

  • Solid understanding of common attack techniques and their practical applications

  • Demonstrated ability to work effectively across multiple teams, building cross-functional relationships with individuals of varying technical expertise

  • A self-starter with a proven ability to thrive in fast-paced environments

  • Strong technical communication skills, both written and verbal


Your first few weeks at Rearc will be spent in an immersive learning environment where our team will help you get up to speed. Within the first few months, you’ll have the opportunity to experiment with a lot of different tools as you find your place on the team.

Benefits and Perks

  • Health benefits

  • Generous time away

  • Maternity and paternity leave

  • Educational resources and reimbursements

  • 401(k) plan with a company contribution

Rearc is committed to a diverse and inclusive workplace. Rearc is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.