Detection Engineer

Bellevue, WA (Hybrid)

Tanium Inc.

We protect security-conscious organizations by providing the world’s first and leading converged endpoint management (XEM) platform that is real-time, seamless, and autonomous, enabling those organizations to break down silos and reduce...

View all jobs at Tanium Inc.

Apply now Apply later

The Basics

The Detection Engineer is responsible for facilitating the development and continuous improvement of Tanium’s internal cybersecurity detection program. Candidates will work closely with operations, engineering, architects and business units throughout Tanium to collaborate on threat models and ensure adequate detection mechanisms are in place for a changing threat landscape. This role will be required to balance strategic thinking and tactical hands-on execution. Candidates will enhance existing methods to measure the coverage and quality of detection while also prioritizing and driving efforts to close gaps. As such, candidates will often create or enhance existing detections mechanisms while ensuring alerts are properly transitioned to the security operations team. Candidates are expected to question the status quo to identify opportunities for continuous improvement and are enabled to take action to ensure the effectiveness of a distributed security program operating within DevOps centric workflows. 

 This position is available for remote workers with flexible working hours. When support for incident response is required, this role may require occasion work outside of normal business hours. 

What you'll do

  • Drive a comprehensive security detection strategy applied consistently across the organization
  • Develop comprehensive reports and metrics on the efficacy and long-term tracking of detection coverage
  • Drive continuous development and tuning of detection measures
  • Partner with security teams and business units to define appropriate log visibility & detection related gaps
  • Lead continuous improvement efforts to evaluate detection capabilities & related tooling efficiency
  • Build innovative ways to detect potential threats within on premise and cloud environments
  • Collaborate with operations personnel to prioritize and close detective gaps
  • Work with security architects and engineers to develop detective compensating controls based on threat models
  • Drive standardization and repeatable processes and procedures within operations as it pertains to responding to threats
  • Participate in the development and execution of threat hunting exercises
  • Develop, implement, document and maintain SIEM & Detection engineering tooling management controls, standard operating procedures, narratives and test scripts.
  • Plan, run, and participate in table top exercises
  • Collaborate with engineering teams to develop automation to improve the efficiency of security operations
  • Provide incident response support
  • Leverage threat intelligence reporting to develop new detection capabilities
  • Analyze malware and exploit techniques in a lab environment 

We’re looking for someone with

  • In accordance with Department of Defense requirements, applicants for this role must be a U.S. citizen, national, or resident pursuant to 8 U.S.C. 1101(a)(20) and 8 U.S.C. 1324b(a)(3)
  • 2+ years working in a Security Operations or equivalent role
  • 2+ years responding to threats in cloud environments (Azure and AWS preferred)
  • Working knowledge of common frameworks (Mitre ATT&CK)
  • Ability to use data to derive meaningful metrics to drive prioritization
  • Firm understanding of attacker tactics, techniques, and procedures and means of detection
  • Ability to synthesize risks and derive detection countermeasures
  • Proficiency with security tools and platforms (e.g., SIEMs, vulnerability scanners, and malware analyzers)
  • Familiarity with IDS/IPS systems and endpoint Antivirus and EDR products
  • Malware analysis experience preferred
  • Working knowledge of Python or other scripting languages preferred 

About Tanium 

Tanium delivers the industry's only true real-time cloud-based endpoint management and security offering. Its platform is real-time, seamless, and autonomous, allowing security-conscious organizations to break down silos between IT and Security operations that results in reduced complexity, cost, and risk. Securing more than 32M endpoints around the world, Tanium's customers include Fortune 100 organizations, top US retailers, top US commercial banks, and branches of the U.S. Military. It also partners with the world's biggest technology companies, system integrators, and managed service providers to help customers realize the full potential of their IT investments. Tanium has been named to the Forbes Cloud 100 list for nine consecutive years and ranks on the Fortune 100 Best Companies to Work For. For more information on The Power of Certainty™, visit www.tanium.com and follow us on LinkedIn and X

On a mission. Together. 

At Tanium, we are stewards of a culture that emphasizes the importance of collaboration, respect, and diversity. In our pursuit of revolutionizing the way some of the largest enterprises and governments in the world solve their most difficult IT challenges, we are strengthened by our unique perspectives and by our collective actions.   

We are an organization with stakeholders around the world and it’s imperative that the diversity of our customers and communities is reflected internally in our team members. We strive to create a diverse and inclusive environment where everyone feels they have opportunities to succeed and grow because we know that only together can we do great things. 

Each of our team members has 5 days set aside as volunteer time off (VTO) to contribute to the communities they live in and give back to the causes they care about most.   

What you’ll get

The annual base salary range for this full-time position is $85,000 - $260,000. This range is an estimate for what Tanium will pay a new hire. The actual annual base salary offered may be adjusted based on a variety of factors, including but not limited to, location, education, skills, training, and experience.

In addition to an annual base salary, team members will receive equity awards and a generous benefits package consisting of medical, dental and vision plan, family planning benefits, health savings account, flexible spending account, transportation savings account, 401(k) retirement savings plan with company match, life, accident and disability coverage, business travel accident insurance, employee assistance programs, disability insurance, and other well-being benefits.

 

For more information on how Tanium processes your personal data, please see our Privacy Policy.

#Hybrid

Apply now Apply later
Job stats:  0  0  0

Tags: Antivirus Automation AWS Azure C Cloud DevOps EDR Exploit IDS Incident response IPS Malware MITRE ATT&CK Privacy Python Scripting SIEM Strategy Threat intelligence

Perks/benefits: 401(k) matching Career development Equity / stock options Flex hours Flexible spending account Flex vacation Health care Insurance

Region: North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.