Detection Engineer
Tasks
- Analyze adversary TTPs and develop new detections
- Build log sources and ensure log normalization
- Collaborate with SOC analysts and incident response teams
- Conduct proactive threat hunting
- Create automated response playbooks
- Create custom parsers and correlation rules
- Design detection rules and alerts
- Develop detection-as-code workflows
- Develop detection logic using query languages
- Document detection deployments and runbooks
- Implement CI/CD for detection content
- Maintain CMDB entries for detection infrastructure
- Manage detection incidents, requests, and changes
- Mentor junior detection engineers
- Test detections using attack simulation
- Translate threat intelligence into detection content
- Tune detections to reduce false positives
- Validate detections using MITRE ATT&CK
Perks/Benefits
- N/A
Skills/Tech-stack
AWS | Anomaly Detection | Atomic Red Team | Authentication Protocols | Azure | CEF | CI/CD | Caldera | Carbon Black | Chronicle | Correlation | CrowdStrike | Data Enrichment | Data Normalization | Detection-as-code | EDR | Elastic Security | Event Logs | GCP | Git | ITIL | ITSM | JSON | Jira Service | Jira Service Management | KQL | Kerberos | LEEF | MITRE ATT&CK | Microsoft Defender | Microsoft Sentinel | NDR | NTLM | Network Protocols | OAuth | Packet Capture | Purple Team | Python | QRadar | REST APIs | Red team | SAML | SIEM | SOAR | SPL | SQL | SentinelOne | Service Management | ServiceNow | Sigma | Snort | Splunk | Statistical Analysis | Suricata | Syslog | Threat Intelligence | Windows Event Logs | XDR | Yara | Zeek | “as-code”
Education
Bachelor of Engineering | Bachelor of Science | Master of Science
Roles
Detection Engineer | Engineer | Security | Security Engineer