Detection Engineer
Tel Aviv, IL
Sygnia
Description
Sygnia is the foremost global cyber readiness and response team, applying creative approaches and battle-tested solutions to help organizations beat attackers and stay secure. With a team of deep digital combat, leading-edge, purpose-built technology, and enterprise security specialists, it enables companies to proactively build cyber resilience and defeat attacks within their networks. Sygnia is a trusted advisor and service provider of technology and security teams, executives and boards of leading organizations worldwide. Sygnia supports clients at each stage of their security journey, bringing frontline experience and technological acumen to help them be unstoppable in the face of cyber threats. Learn more at Sygnia.co
The company draws on top talent from the ranks of elite military technology units and from across the cyber industry, and has some of the world’s top talents in cyber security. Described by Forbes as a “cyber security delta force”, it applies technological supremacy, digital combat experience, data analytics and a business-driven mindset to cyber security, enabling organizations to excel in the age of cyber.
Sygnia is looking for a Detection Engineer with a solid technical background in cyber security to lead the implementation and quality of Sygnia’s Velocity XDR detections and content, and to ensure that Sygnia meets its clients’ cyber security needs.
As a Detection Engineer in a fast-expanding operations team, you will be responsible for threat detection and research: identifying classic and new attack vectors, emerging threats and vulnerabilities across various attack surfaces. To excel in this role, you will demonstrate strong technical aptitude, dedication to delivering high-quality work, and a cooperative approach to teamwork.
Main Responsibilities:
- Develop and implement detection rules tailored to the unique XDR platform.
- Analyze and assess potential threat landscapes, applying this knowledge to enhance detection capabilities.
- Ensure the quality, accuracy, and effectiveness of XDR detection rules are consistently maintained.
- Work with data from many different security domains (email, identity, endpoint, and cloud) to build the most accurate detection rules in the XDR platform.
- Understand and identify detection gaps, capabilities, and assumptions, and implement improvements to detection rules.
- Identify and analyse new and existing attacks and tactics in clients’ environments to develop a tailor-made detection plan.
- Develop detection rules for new and zero-day vulnerabilities in the XDR platform.
- Simulate attacks in the lab, conduct a deep analysis of the behaviour, and develop Proofs of Concept (PoCs) and automation scripts to simulate attacks.
- Stay up to date with APTs, attacker methodologies, and TTPs.
- Own the detection rules content in the XDR platform and develop the detection rules process and procedures.
- Collaborate with Product Management to shape the product roadmap for the detection engine.
Requirements
Main Requirements:
- Minimum of 3 years of experience in detection engineering, security research, threat research, or red teaming.
- Experience delivering security detections for products.
- Deep understanding and extensive experience in penetration testing methodologies, tools, and attack simulations.
- Experienced in simulating and analyzing domain attacks.
- Experience in simulating real environments and creating lab environments.
- Ability to develop Proofs of Concept (PoCs) and automation scripts to simulate attacks.
- Experience with Python, SQL or similar data analysis capabilities.
- In-depth understanding of an organization’s security, risks, and potential attack vectors across all of the organization’s perimeters.
- Passion for the cyber security world: staying up to date with new threats and developing new scenarios that follow the threat landscape.
- Solid understanding of various security-related technologies, such as OS internals, EDR, Active Directory, Office 365, cloud technologies (AWS, Microsoft Azure and GCP), network protocols, and security products.
- Strong verbal & written communication skills in English.
- Team player, able to drive and facilitate projects across disciplines.
- 2+ years of experience hunting for and investigating security incidents – An advantage.
- Experience with OT environments - An advantage.