Detection Engineer

About Us
Eye Security is a fast-growing cybersecurity scale-up founded in 2020 by three employees of the Dutch Secret Service with the mission to protect the digital assets of SMEs across Europe. With a robust portfolio under the Eye Cyber Guard product bundle, Eye Security offers customized cybersecurity solutions in a subscription-based SaaS model. The offering ranges from Managed Detection and Response, Incident Response and Attack Surface Management to Security Awareness Services and Insurance and is aimed at a customer base of over 450 companies. Eye Security currently employs over 140 ambitious IT experts in the Netherlands, Belgium, Germany and the UK.

Job Description

We are seeking a skilled and motivated Detection Engineer to join our SOC team. The ideal candidate will be responsible for developing, implementing, and maintaining detection mechanisms to identify and respond to security threats and optimize the already existing detection flows. This role requires a deep understanding of cybersecurity principles, threat detection methodologies, and incident response.

About the role: 

• Develop and maintain detection rules for the security products supported by our service offering and manage indicators to identify potential security threats.

• Monitor security alerts and events to identify suspicious activities and potential breaches through our in-house built alerting dashboards.

• Conduct thorough analysis of security incidents and provide detailed reports.

• Collaborate with the SOC team to improve detection capabilities and response strategies based on real-world scenarios and threats.

• Stay updated with the latest open- and closed-source threat intelligence and incorporate it into detection mechanisms.

• Perform regular tuning and optimization of existing detection flows and technologies, both in-code and in formal processes.

• Assist in the development and implementation of security policies and procedures.

• Provide guidance and training to junior SOC analysts on detection techniques and best practices.

Requirements

You'll be a great fit if you have:      

• Bachelor's degree in Computer Science, Information Security, or a related field.

• Proven experience in a similar role within a SOC or cybersecurity environment.

• Strong knowledge of security information and event management (SIEM) and security orchestration, automation, and response (SOAR) systems.

• Proficiency in scripting languages (e.g. Bash, Python, PowerShell) and scripting languages (e.g. KQL, LogScale) for automation and detection rule creation.

• Familiarity with various security tools and technologies (e.g., IDS/IPS, EDR, firewalls).

• Excellent analytical and problem-solving skills.

• Strong communication and teamwork abilities.

• Relevant certifications (e.g., CISSP, CEH, GCIA, OSCP) are a plus.

Why Join Us? 

• Make an impact and help organisations in Europe be safe from cyber-attacks - as you get the opportunity to work alongside top talent with the Intelligence Agencies and Military background.

• Quarterly get togethers & Annual company-wide retreat (in Spain, Portugal, Italy…).

• Bond with teammates at exciting locations, learn more about the business, enjoy fun team activities.

• Access to cutting-edge cybersecurity technologies and tools.

• Generous time off policy (including volunteering day, floating holidays and wellbeing time off) to balance your work and personal life.

• Base compensation and company’s stock (ESOP).

• This is a hybrid role to be based out of Berlin or The Hague.