Detection Engineer
Tasks
- Analyze adversary TTPs and develop new detections
- Build log sources and ensure log normalization
- Collaborate with SOC analysts and incident response teams
- Conduct proactive threat hunting
- Create automated response playbooks
- Create custom parsers and correlation rules
- Design detection rules and alerts
- Develop detection as code workflows
- Develop detection logic using query languages
- Document detection deployments and runbooks
- Implement CI/CD for detection content
- Maintain CMDB entries for detection infrastructure
- Manage detection incidents, requests and changes
- Mentor junior detection engineers
- Test detections using attack simulation
- Translate threat intelligence into detection content
- Tune detections to reduce false positives
- Validate detections using MITRE ATT&CK
Perks/Benefits
- N/A
Skills/Tech-stack
AWS | Anomaly Detection | Atomic Red Team | Authentication Protocols | Azure | CEF | CI/CD | Caldera | Carbon Black | Chronicle | Correlation | CrowdStrike | Data Enrichment | Data Normalization | Detection-as-code | EDR | Elastic Security | Event Logs | GCP | Git | ITIL | ITSM | JSON | Jira Service | Jira Service Management | KQL | Kerberos | LEEF | MITRE ATT&CK | Microsoft Defender | Microsoft Sentinel | NDR | NTLM | Network Protocols | OAuth | Packet Capture | Purple Team | Python | QRadar | REST APIs | Red team | SAML | SIEM | SOAR | SPL | SQL | SentinelOne | Service Management | ServiceNow | Sigma | Snort | Splunk | Statistical Analysis | Suricata | Syslog | Threat Intelligence | Windows Event Logs | XDR | Yara | Zeek | "as-code"
Education
Bachelor of Engineering | Bachelor of Science | Master of Science
Roles
Detection Engineer | Engineer | Security | Security Engineer