Cyber Threat Detection Engineer

IN-MH-MUMBAI-HIRANANDANI BUSINESS PARK POWAI, India

Baker Hughes

Baker Hughes | We take energy forward - making it safer, cleaner, and more efficient for people and the planet.

Do you like working on identifying and preventing potential cybersecurity risks?

Are you ready for the next step in your career?

Join our Digital Technology Team!
Our Digital Technology business provides intelligent, connected technologies to monitor and control our energy extraction assets. We provide customers with the peace of mind needed to reliably and efficiently improve their operations. Our team creates business value through continuous improvement in up-time, resilience, performance, time to market, security and compliance.
 

Partner with the best
In this role, you will assist in designing, developing, and tuning security detections to identify potential threats targeting our enterprise IT & OT environments. You will work primarily with Splunk SIEM and a variety of data sources to ensure effective monitoring and alerting across endpoints, networks, and applications. This is an excellent opportunity to grow your skills in cybersecurity engineering, threat detection, and security analytics while collaborating with experienced analysts, threat hunters, and incident responders.

You will also be responsible for:

Detection Engineering & Development
• Assisting in creating, testing, and deploying security detection rules and use cases in Splunk SIEM.
• Developing queries using Splunk Search Processing Language (SPL) to identify suspicious activities and potential threats.
• Participating in tuning existing alerts to minimize false positives and improve detection accuracy.
• Supporting the creation of detection logic aligned to frameworks such as MITRE ATT&CK and industry best practices.

Security Monitoring & Threat Analysis
• Monitoring security alerts and reports to validate detection performance and identify areas for improvement.
• Conducting basic threat analysis to understand attack patterns and adversary behaviors.
• Collaborating with incident response and threat hunting teams to refine detections based on real-world incidents and emerging threats.

Data Integration & Enrichment
• Assisting in onboarding and validating new log sources into Splunk.
• Supporting enrichment of detection logic with threat intelligence feeds, asset context, and other relevant data points.

Collaboration & Documentation
• Working closely with senior detection engineers, security analysts, and IT teams.
• Documenting detection logic, use case requirements, tuning procedures, and validation results.
• Participating in security operations process improvement initiatives.
 


Fuel your passion
 To be successful in this role you will:

  • Have a bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field with 1-3 years of professional experience.
  • Have a foundational understanding of SIEM concepts and security monitoring principles.
  • Have familiarity with Splunk SPL, Microsoft KQL, and the fundamentals of writing security queries.
  • Have a basic understanding of common attack techniques (e.g., malware, phishing, privilege escalation, lateral movement).
  • Have strong analytical and problem-solving skills.
  • Have hands-on experience with Splunk in a lab, academic, or professional environment.
  • Have exposure to MITRE ATT&CK or similar frameworks for classifying adversary behaviors.
  • Have any relevant cybersecurity certifications (e.g., CompTIA Security+, Splunk Core Certified User, SSCP).
  • Have knowledge of scripting languages such as PowerShell or Python for data manipulation or automation.
  • Have an interest or coursework in detection engineering, threat hunting, or incident response.
  • Be eager to learn and grow in the field of cybersecurity.
  • Be detail-oriented with a methodical approach to solving technical problems.
  • Have the ability to work independently and collaboratively in a fast-paced team environment.
  • Have a passion for cybersecurity, continuous learning, and proactive defense strategies.


Work in a way that works for you
 

We recognize that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns:
 

  • Working flexible hours - flexing the times when you work in the day to help you fit everything in and work when you are the most productive.
  • Occasionally working remotely from home or any other work location.


Working with us
 

Our people are at the heart of what we do at Baker Hughes. We know we are better when all of our people are developed, engaged and able to bring their whole authentic selves to work. We invest in the health and well-being of our workforce, train and reward talent and develop leaders at all levels to bring out the best in each other.
 

Working for you
 

Our inventions have revolutionized energy for over a century. But to keep going forward tomorrow, we know we have to push the boundaries today. We prioritize rewarding those who embrace change with a package that reflects how much we value their input. Join us, and you can expect:
 

  • Contemporary work-life balance policies and wellbeing activities
  • Comprehensive private medical care options
  • Safety net of life insurance and disability programs
  • Tailored financial programs
  • Additional elected or voluntary benefits


Tags: Analytics Automation Compliance CompTIA Computer Science Incident response Malware MITRE ATT&CK Monitoring PowerShell Python Scripting SIEM Splunk SSCP Threat detection Threat intelligence

Perks/benefits: Career development Flex hours Health care Insurance

Regions: Remote/Anywhere Asia/Pacific
Country: India
