Detection Engineer

Who We Are 

Legato Security is an information security firm founded upon the belief that every organization has the right to keep its data private and secure. Our mission is to build close partnerships with our clients, serving them not as just a vendor, but as trusted advisors helping to build effective, proactive plans. Our focus is always on both the technical and human elements within an organization. We believe in comprehensive strategies designed to harden networks, deflect attackers, and rapidly recover from any accidents. As technology progresses, so do our tactics, ensuring our experts are always prepared to serve forward-looking leaders eager to stay ahead of emerging threats. 

Position Overview 

Legato Security is seeking a motivated junior or mid-level Detection Engineer to assist with detection engineering efforts. As a Detection Engineer, you will assist with rule creation, rule tuning, creating documentation, assisting with on-going infrastructure projects, and assisting with customer requests. 

Specific Job Responsibilities 

• Create, improve, review, and tune detection rules in various SIEMs (e.g., Sumo Logic, Google SecOps, Stellar Cyber). This will include log reviews of customer environments to make informed decisions. 

• Assist in creating and maintaining documentation for detection procedures, workflows, and active projects. 

• Collaborate with SOC analysts to improve detection accuracy and reduce false positives 

• Help maintain and update detection use cases based on emerging threats and customer-specific logs. 

• Assist in creating regular reports on detection metrics and effectiveness. 

• Review and respond to internal and customer requests to assist with anything related to detection engineering. 

• Contribute to declarative and imperative programming projects to assist with detection as code 

• Meet with customers to assist with their requests around detection engineering. 

 Required Qualifications 

• Bachelor's degree in Computer Science, Cybersecurity, related field or equivalent industry experience 

• 3-5 years of experience in detection engineering or a related field (e.g., SOC Analyst, Pen Testing, IT Infrastructure, Network Engineering, or Software Development). Job-specific experience in detection engineering is not required 

• Familiarity with networking principals, (e.g. routing, common protocols, firewall functionality, etc.) 

• Basic understanding of Windows operating systems (e.g. versions, common exploits, understanding of registries, exposed protocols, common enumeration commands, etc.) 

• Active Directory Fundamentals (e.g. basic understanding of NTLM and Kerberos, how to use LDAP, understanding of common attacks within Active Directory.) 

• Understanding of Detection as Code and common exploits 

• Strong interest in pursuing a career in detection engineering  

• Ability to quickly learn different tool sets and environments 

• Strong written and verbal communication skills 

• Ability to prioritize multiple competing projects, meet deadlines, and work effectively in a team environment 

Preferred Qualifications 

• Applicants who demonstrate personal learning and curiosity through personal projects will be prioritized. e.g. home labs, personal Github projects, write ups, blog posts, Hack the Box profile, TryHackMe profile. 

• Relevant certifications such as OSCP (Offsec), OSDA (Offsec), CPTS (HTB), CDSA (HTB), etc. 

Compensation 

Our organization conducts ongoing market research to ensure competitive pay at all levels. The compensation range for this role is $100k-120k/year DOE. 

Perks 

• Start-up company in a growth phase with opportunity for advancement based on performance 

• Start-up culture with an office in downtown Salt Lake City, UT 

• Competitive medical and dental benefits for employee and family members 

• Other company-provided benefits such as short-term disability, basic life insurance, children’s orthodontia, with additional voluntary benefits available, and 401K match 

• Flexible Paid Time Off policy 

• Professional Development opportunities specific to role  

Embark on a journey where your skills are valued, your growth is fostered, and your voice is heard. At Legato Security, we understand that diversity is the key to innovation. Our hiring process is designed to provide a transparent, consistent, and uniform experience for all applicants, mitigating unconscious bias every step of the way. We foster a culture of belonging, where each team member is an integral part of the Legato community.  

Legato Security is an equal-opportunity employer.