Detection Engineer
Tasks
- Collaborate with SOC and NOSC analysts to tune alerts
- Coordinate telemetry ingestion, normalization, and field mappings
- Create detection dashboards and alerting content
- Develop correlation rules, signatures, and behavioral analytics
- Develop detection logic for SIEM
- Document detection logic, metadata, versioned content, and change history
- Map detections to MITRE ATT&CK
- Review telemetry quality and coverage gaps
- Test detection rules in a lab environment and against sample datasets
- Translate threat intelligence into detection use cases
- Tune detections to reduce false positives
- Update runbooks for detection tuning and triage
- Validate detection operational readiness
Perks/Benefits
- N/A
Skills/Tech-stack
Analytic Queries | Automated testing | Behavioral analytics | Correlation rules | DCI | Data Ingestion | Data Normalization | Detection Performance Metrics | Detection and Response | Detection engineering | EDR | Endpoint Detection and Response | Endpoint detection | False Positive Tuning | Field mapping | IDS | IPS | KQL | MTTD | Mitre Attack | OT | OT Telemetry | Performance Metrics | Precision | Recall | Runbooks | SIEM | SOAR | SOC Analytics | SPL | Security analytics | Sigma | Signatures | Telemetry Quality | Threat Intelligence | Vulnerability data
Education
Related jobs
- IDC Security Engineer · USD 238K-306K · Skills: Data Center Security | Data center | Detection engineering | Incident Response | Intrusion Detection · Executive-level, Full Time · Menlo Park, CA · 2h ago
- Security Engineer, Cloud Threat and Abuse Detection · USD 147K-211K · Skills: Abuse detection | Botnet Detection | Computer Security | DDoS detection | Detection engineering · Mid-level, Full Time · Sunnyvale, CA, USA · 2h ago
- GRC (Governance Risk and Compliance) Analyst · USD 106K-130K · Skills: 800-171 | AWS | Active Directory | Antivirus | Azure · Perks: Career advancement opportunities | Extensive training | Professional education | Travel opportunities · Mid-level, Full Time · DENVER, CO, US, 80237 · 8h ago
- AWS Cloud Security Engineer - Cleared · USD 81K-172K · Skills: 800-53 | AWS | AWS CDK | AWS GuardDuty | AWS Inspector · Senior-level, Full Time · Washington, DC, US · 13h ago
- Information Security Analyst - Temporary · USD 80K-95K · Skills: Detection engineering | Endpoint detection | IDS | IPS | Incident Response · Perks: 401k match | Employee assistance program | Employee resource groups | HSA & FSA options | Hardship support fund · Mid-level, Full Time Temporary · Tempe, AZ, United States R · 15h ago
- Security Engineer · USD 110K-120K · Skills: CloudFormation | CrowdStrike | Dashboarding | EDR | Go · Perks: 401k match | Annual professional development budget | Charitable donation match | Commuter benefits | Dental insurance · Mid-level, Full Time · Remote - United States R · 19h ago
- Staff Security Engineer - Detection and Response · USD 189K-330K · Skills: AWS | Access Management | Alert triage | Automation | Data correlation · Senior-level, Full Time · Austin, TX; New York, NY; Seattle, … · 19h ago
- Entry-level, Full Time · Kansas City, KS, United States · 20h ago
- Senior Threat Detection Engineer · USD 121K-190K · Skills: APIs | AWS | AWS GuardDuty | Azure | Azure Defender · Perks: Cross-functional collaboration | Hybrid work | Training and development · Senior-level, Full Time · Roseland, NJ, United States · 20h ago
- Lead Cloud Security Engineer - Kubernetes · USD 144K-196K · Skills: API | AWS | Active Directory | Ansible | Automation · Senior-level, Full Time · Roseland, NJ, United States · 20h ago
- Skills: AWS | Alert triage | Azure | Cloud Security | Docker · Perks: Buddy program | Hybrid workplace | Mentor program | On-call rotation | Paid time off · Senior-level, Full Time · New York, New York, USA · 20h ago
- Senior Cybersecurity Platform Engineer · USD 129K-181K · Skills: ABAC | AWS | Adversarial Attacks | Anonymization | Ansible · Perks: Employee resource groups | Flexible family care days | Paid Holidays | Paid parental leave | Paid time off · Senior-level, Full Time · United States R · 21h ago
- Senior Security Engineer - Northeast · USD 170K-230K · Skills: Account Management | Attack Intelligence | Best practices | Blue Team | CASB · Perks: Behavioral wellness services | Employee recognition program | Generous time off | Health insurance | Life insurance · Senior-level, Full Time · US - New Jersey, US - … · 21h ago
- Security Engineer · USD 125K-150K · Skills: Capacity Planning | Data Enrichment | Data Ingestion | Data Normalization | Detection rule tuning · Perks: 401k | Certification sponsorship | Continuous learning | Medical, dental, and vision insurance | Paid Company Holidays · Mid-level, Full Time · United States · 21h ago
- Sales Engineer, Major Enterprise · USD 235K-375K · Skills: Access Management | Cloud Security | Container Security | IPSec | IaaS · Perks: 401k | Commissions | Dental insurance | Disability insurance | Equity program · Senior-level, Full Time · New York, NY, United States · 22h ago
- Senior Incident Response Engineer · USD 108K-161K · Skills: AWS | Cloud platform | Databricks | Detection and Response | Digital forensics · Perks: Career development | Financial benefits | Health insurance · Senior-level, Full Time · Manhattan, New York, United States · 22h ago
- Security Analyst 3 · USD 74K-100K · Skills: Application Security | Attack surface management | Bug Bounty | DAST | External Attack Surface Management · Mid-level, Full Time · Des Moines, IA, United States · 22h ago
- Director, Digital Defense Center · USD 157K-250K · Skills: AI machine learning | Access Control | Crisis management | Cybersecurity | DNP3 · Perks: 4 days onsite | Health & welfare benefits | Retirement benefits · Executive-level, Full Time · Atlanta, GA, United States · 23h ago
- Threat Hunt Lead · USD 116K-126K · Skills: Adversary tracking | Behavioral analytics | Data Analysis | Detection and Response | Detection engineering · Perks: 401k match | Dental insurance | Disability insurance | Employee assistance program | Flexible spending account · Senior-level, Full Time · Mississippi, John C. Stennis Space Center, … · 1d ago
- SADOM Lead · USD 120K-132K · Skills: Ansible | Automation | Chef | Configuration Management | Database Administration · Perks: 401k match | Dental insurance | Disability insurance | Employee assistance program | Flexible spending account · Senior-level, Full Time · Mississippi, John C. Stennis Space Center, … · 1d ago
- Cyber Threat Lead · USD 125K-210K · Skills: Cloud Security | Data Science | Detection and Response | Endpoint Detection and Response | Endpoint detection · Senior-level, Full Time · USA-VA-Chantilly, USA-AZ-Chandler · 1d ago
- Sr. Monitoring & Observability Engineer · USD 137K-240K · Skills: AI monitoring | Automation | Azure | Azure Logging | Azure Monitor · Senior-level, Full Time · Deerfield Beach, Florida, United States · 1d ago
- Mid-level, Full Time · New York, New York, United States · 1d ago
- Skills: 800-53 | AWS GuardDuty | Access Control | Access Management | Amazon Web Services · Mid-level, Full Time · Atlanta, Georgia, United States · 1d ago
- Skills: 800-53 | API | CMMC | CVE | CVSS · Secret security clearance · Mid-level, Full Time · Atlanta, Georgia, United States · 1d ago