Senior Purple Operations Engineer
Tasks
- Build and maintain detection rules, correlation searches, dashboards, watchlists, and response workflows
- Improve log coverage, parsing, field normalization, enrichment, and data quality
- Map detections to MITRE ATT&CK
- Support SOC analysts with alert descriptions, triage steps, severity logic, and escalation guidance
- Track detection gaps, false-positive trends, alert health, and platform performance
- Translate threat intelligence and Red Team / Purple Team findings into defensive checks
- Tune EDR, SIEM, and XDR detections to reduce false positives
- Tune noisy alerts: thresholds, exclusions, lookups, entity context, and suppression logic
- Validate EDR policies, prevention rules, logging, sensor health, and response actions
- Write detection content using Sigma
Perks/Benefits
- Annual company retreats
- Flexible core hours
- Paid annual leave
- Referral bonuses
- Remote-first
- Top of the line equipment
Skills/Tech-stack
Analytics rules | Automation rules | Bash | Cloudflare | Correlation rules | CrowdStrike Falcon | Data Normalization | Detection and Response | Detection engineering | EQL (Event Query Language) | Elastic Security | Endpoint Detection and Response (EDR) | Enterprise Security | Entra ID | Event management | Extended Detection and Response (XDR) | Google SecOps | Google Workspace | KQL (Kusto Query Language) | Kubernetes | Log Parsing | Lucene | MITRE ATT&CK | Microsoft Defender | Microsoft Defender XDR | Microsoft Sentinel | Okta | Osquery | PowerShell | Python | SIEM (Security Information and Event Management) | Sigma | Splunk Enterprise | Splunk Enterprise Security | SPL (Search Processing Language) | Suricata | Sysmon | Threat detection | YARA | Zeek
Education
N/A