Use Case Factory Specialist (Detection Engineer)
Tasks
- Automate enrichment, correlation and triage with SOAR playbooks
- Build high-fidelity detection logic
- Conduct breach and attack simulations (BAS)
- Design detection rules, signatures and correlation logic in the SIEM
- Execute purple team exercises and validate detections
- Integrate threat intelligence feeds, IoCs and behavioral patterns
- Maintain documentation, detection repositories and test playbooks
- Map detections to MITRE ATT&CK techniques
- Perform regression testing of detection rules
- Report detection coverage, false positive ratios and BAS validation results
- Tune detection logic to reduce false positives
Perks/Benefits
Skills/Tech-stack
AWS | Attack Simulation | AttackIQ | Automation | Azure | Breach and Attack Simulation | Caldera | Cloud platform | Data Normalization | Detection engineering | Endpoint Security | Google Cloud | Google Cloud Platform | Indicators of compromise | Kubernetes | Log Parsing | MITRE ATT&CK | Microsoft Sentinel | Network Security | Powershell | Purple Team | Python | SIEM | SOAR | SOAR playbooks | Serverless | Splunk | Threat Intelligence | Threat hunting
Education