Security Detection Engineer
United States - Remote
Thrive
Thrive is a leading provider of outsourced IT infrastructure. Our managed services provide customers with a strategic advantage as they secure, scale, and succeed.
About Us
Thrive is a rapidly growing technology solutions provider focusing upon Cloud, Cyber Security, Networking, Disaster Recovery and Managed Services. Our corporate culture, engineering talent, customer-centric approach, and focus upon “next generation” services help us stand out amongst our peers. Thrive is on the look-out for individuals who don’t view their weekdays spent at “a job”, but rather look to develop valuable skills that ignite their passion and lead to a CAREER. If you’re attracted to a “work hard, play hard” environment, seeking the guidance, training, and experience necessary to build a lucrative career, then welcome to THRIVE!!
Position Overview
We're looking for a Security Detection Engineer to spearhead the advancement of Thrive's cybersecurity detection program. This role is crucial for driving the development of alerting rules, hunts, queries, and reports, as well as implementing and refining SIEM & Detection tooling and procedures. The ideal candidate will analyze attacker tactics, techniques, and procedures (TTPs), developing countermeasures and collaborating with our team to fortify security controls. Responsibilities include guiding the SOC team in improving threat detection, managing security gap analyses, and overseeing the Security Lab for testing attack methods. Additionally, this position involves researching emerging threats to refine detection strategies and managing KPIs to track and enhance the effectiveness of our threat detection efforts.
Primary Responsibilities
Thrive is a rapidly growing technology solutions provider focusing upon Cloud, Cyber Security, Networking, Disaster Recovery and Managed Services. Our corporate culture, engineering talent, customer-centric approach, and focus upon “next generation” services help us stand out amongst our peers. Thrive is on the look-out for individuals who don’t view their weekdays spent at “a job”, but rather look to develop valuable skills that ignite their passion and lead to a CAREER. If you’re attracted to a “work hard, play hard” environment, seeking the guidance, training, and experience necessary to build a lucrative career, then welcome to THRIVE!!
Position Overview
We're looking for a Security Detection Engineer to spearhead the advancement of Thrive's cybersecurity detection program. This role is crucial for driving the development of alerting rules, hunts, queries, and reports, as well as implementing and refining SIEM & Detection tooling and procedures. The ideal candidate will analyze attacker tactics, techniques, and procedures (TTPs), developing countermeasures and collaborating with our team to fortify security controls. Responsibilities include guiding the SOC team in improving threat detection, managing security gap analyses, and overseeing the Security Lab for testing attack methods. Additionally, this position involves researching emerging threats to refine detection strategies and managing KPIs to track and enhance the effectiveness of our threat detection efforts.
Primary Responsibilities
- Responsible for the development and continuous improvement of Thrive’s cybersecurity detection program
- Drive continuous development of all new alerting rules, hunts, queries, and reports
- Develop, implement, document, and maintain SIEM & Detection tooling, standard operating procedures, attack signatures and test scripts
- Implementation and management of API security measures, ensuring secure data transmission and compliance with industry-standard API security protocols
- Analyze attacker TTPs and build countermeasures to detect and/or stop them using endpoint telemetry
- Work with security analysts and engineers to develop security controls based on threat model and gap
- Provide guidance and support to the SOC team in enhancing threat detection capabilities.
- Design and manage Thrive’s gap analysis and threat modeling processes
- Management of the Security Lab and responsible for testing new and existing TTP’s and attacks
- Research threats, malware and novel behavioral techniques and then apply that research to build or tune detection rules and analytics
- Develop and manage KPIs to measure and enhance the effectiveness of our threat detection strategies
- Other duties as required
- Bachelor’s degree in computer science, Information Technology, or a related field.
- Relevant certifications (e.g., Security+, CySA+, Network+)
- 3-5 years of experience in cybersecurity or a related field
- Firm understanding of attacker tactics, techniques, procedures and means of detection
- Solid understanding of the MITRE ATT&CK and Cyber Kill Chain frameworks
- Understanding of common enterprise technologies and logging capabilities including Cloud, IDS/IPS, Firewalls, Active Directory, Anti-Virus/EDR, Proxies, and Email Gateway
- Ability to engineer creative, scalable, and out-of-the-box solutions
- Stay up to date with engineering best practices, security technology trends, tools, and frameworks
- Experience with scripting languages (e.g., Python, PowerShell)
- Knowledge of cloud security platforms (e.g., Azure, AWS, GCP)
- Must be able to work effectively in a team environment and collaborate within the team and other stakeholders
- Familiarity with common security technologies, such as firewalls, intrusion detection/prevention systems, and antivirus software
- Basic understanding of networking concepts and protocols (TCP/IP, DNS, HTTP).
- Strong problem-solving and analytical skills
- Excellent communication and interpersonal skills
- Ability to work independently and as part of a team.
- Ability to communicate security information to non-technical people
- Demonstrates comprehension of good security practice
- Knowledge of risk assessment tools, technologies and methods
Job stats:
3
1
0
Category:
Security Engineering Jobs
Tags: Active Directory Analytics Antivirus APIs AWS Azure Cloud Compliance Computer Science Cyber Kill Chain DNS EDR Firewalls GCP IDS Intrusion detection IPS KPIs Malware MITRE ATT&CK PowerShell Python Risk assessment Scripting SIEM SOC TCP/IP Threat detection TTPs
Perks/benefits: Career development
Regions:
Remote/Anywhere
North America
Country:
United States
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Senior Cloud Security Engineer jobsInformation Systems Security Officer jobsInformation System Security Officer jobsInformation Security Manager jobsSenior Network Security Engineer jobsSenior Cybersecurity Engineer jobsInformation Security Specialist jobsSecurity Consultant jobsSenior Penetration Tester jobsSecurity Specialist jobsSenior Information Security Analyst jobsSenior Cyber Security Engineer jobsIT Security Engineer jobsCyber Security Specialist jobsChief Information Security Officer jobsPrincipal Security Engineer jobsInformation System Security Officer (ISSO) jobsStaff Security Engineer jobsCloud Security Architect jobsIT Security Analyst jobsCyber Security Architect jobsSecurity Operations Analyst jobsThreat Intelligence Analyst jobsCybersecurity Consultant jobsSystems Engineer jobs
GDPR jobsForensics jobsSaaS jobsEncryption jobsEDR jobsTop Secret jobsMalware jobsSDLC jobsSplunk jobsSQL jobsRMF jobsIDS jobsBash jobsIPS jobsDocker jobsIntrusion detection jobsDoDD 8570 jobsCompTIA jobsITIL jobsTerraform jobsOWASP jobsFinance jobsCRISC jobsTCP/IP jobsThreat detection jobs
VPN jobsActive Directory jobsGIAC jobsClearance Required jobsUNIX jobsAnsible jobsBanking jobsSANS jobsIT infrastructure jobsJavaScript jobsPolygraph jobsHIPAA jobsJira jobsDNS jobsMITRE ATT&CK jobsOSCP jobsGCIH jobsMachine Learning jobsSOX jobsData Analytics jobsSOC 2 jobsCCSP jobsOracle jobsSOAR jobsCISO jobs