Advanced Defensive Detection Engineer
USD 120K-202K | Mid-level | Full Time
Tasks
- Advise on alert creation across security controls
- Align detection strategy with the MITRE ATT&CK framework
- Collaborate to maintain the IT process and configuration library
- Develop and implement detection rules for applications, cloud and on-premises environments
- Develop, test and document detection capabilities
- Document and maintain assets, scripts and processes for SIEM and EDR testing
- Implement automated detection rule metrics
- Interpret threat models and research TTPs
- Monitor, maintain and refresh SIEM lookup tables
- Partner with the purple team and security teams to validate detection goals
- Test and tune detection rules in the SIEM and EDR
- Triage, prioritize and enhance detection rule requests
- Validate and document detection requirements, search criteria and test cases
Skills/Tech-stack
API Design | Alert triage | Anomaly Detection | Compliance | DNS | Dashboards | Data Parsing | Detection-as-code | EDR | Encrypted traffic | Encrypted traffic analysis | GDPR | HTTP | IDS/IPS | ISO 27001 | KQL | MITRE ATT&CK | Machine Learning | Monte Carlo | NIST CSF | Network Forensics | PCI DSS | PowerShell | Proxy logs | Python | Regular Expressions | SIEM | SPL | SQL | Statistical modeling | TCP/IP | Threat hunting | Threat modeling | Traffic analysis | VPN Analysis | "as-code"
Education
Bachelor of Engineering | Bachelor of Science | Master of Science | PhD