Sr Cyber Security Engineer I- Sr Detection Engineer
Framingham, MA, United States
Staples
Sr. Cyber Security Engineer I – Sr Detection Engineer
Work Model/Location: Hybrid, Framingham, MA
Staples is business to business. You’re what binds us together.
Our digital solutions team is more than a traditional IT organization. We are a team of passionate, collaborative, agile, inventive, customer-centric, results-oriented problem solvers. We are intellectually curious, love advancements in technology and seek to adapt technologies to drive Staples forward. We anticipate the needs of our customers and business partners and deliver reliable, customer-centric technology services. We're seeking a seasoned Senior Detection Engineer with a strong Microsoft Sentinel background to join our threat detection and response efforts. You'll leverage your deep expertise in Microsoft technologies and multi-cloud environments to build, deploy, and fine-tune advanced detection rules within Sentinel. Your keen understanding of security operations will ensure seamless integration and efficient response to security incidents.
What you’ll be doing:
- Develop and Deploy Detection Use cases using numerous data sets and security products including but not limited to External Threat Intelligence to identify adversary TTPs in the environment.
- Design, implement, and maintain complex detection rules, analytics, and automation playbooks within Microsoft Sentinel.
- Document and track analysis and metrics across the detection lifecycle, including rule revisions.
- Participate in investigation, response, and root cause analysis for major incidents.
- Proactively identify and investigate potential threats using Sentinel's powerful hunting capabilities.
- Tune and optimize Azure Sentinel baseline and analytical detection rules.
- Partner closely with the SOC, Advanced Threats and other internal stakeholders to evolve the current detection footprint and efficacy.
- Interact with internal and external peers and management to share highly complex information related to areas of expertise and/or to gain acceptance of new or enhanced technology / business solutions.
- Join us in shaping the future of threat detection and response.
What you bring to the table:
- Demonstrates proficiency in all areas of the professional function and advanced in-depth specialization in some.
- Leverage your knowledge of the Microsoft ecosystem to maximize Sentinel's integration with other security tools and data sources.
- Extensive experience building, deploying, and managing detection rules and analytics within Microsoft Sentinel.
- Demonstrate ability to design and implement complex security solutions in large-scale environments.
- Strong communication skills with proficiency in presenting technical information to non-technical stakeholders.
- Excellent problem-solving skills and the ability to work in a dynamic, fast-paced environment.
What’s needed - Basic Qualifications:
- Bachelor’s degree in Computer Science, Computer Engineering, or a related field, or equivalent experience.
- 5+ years of experience in detection engineering, incident response or a related field.
- Experience and/or familiarity with the threat hunting process and developing runbooks.
- Experience analyzing common security logs (e.g., authentication, DNS, endpoint, network, proxy, cloud-native, etc.) to detect security incidents.
- Minimum of 3 years focused on Microsoft Sentinel, including related Microsoft applications such as Entra, Purview and/or Defender, and Log Analytics.
- Proficient in creating and managing KQL queries and understanding of Azure services related to security and compliance.
- Relevant certifications such as Microsoft Certified: Azure Security Engineer Associate, Certified Information Systems Security Professional (CISSP), or similar.
What’s needed - Preferred Qualifications:
- Strong ability to learn new things and adapt to new requirements.
- Demonstrated knowledge of common and emerging attack techniques.
- Experience with scripting languages (Python, PowerShell) or similar development experience for automation and orchestration.
- Experience securing multi-cloud environments (Azure, AWS, GCP) by implementing and managing cloud-native security controls and integrating them with Sentinel.
- Familiarity and/or experience with purple teaming.
- Deep understanding of system internals on Windows and Linux.
- Demonstrated knowledge of tactics, techniques, and procedures (TTPs) as developed and outlined by the MITRE ATT&CK framework.
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
We Offer:
- Inclusive culture with associate-led Business Resource Groups
- Flexible PTO (22 days) and Holiday Schedule
- Online and Retail Discounts, Company Match 401(k), Physical and Mental Health Wellness programs, and more