Ender-IT · 20 hours ago
Exabeam Detection Engineer (Rule Development) @ Remote work
IT Services and IT Consulting
Responsibilities
Develop, customize, and optimize detection rules within Exabeam to identify potential security threats and malicious activities.
Configure, tune, and enhance existing rules and alerts to reduce false positives and improve the efficiency of threat detection.
Collaborate with the SOC team to understand emerging threats and integrate detection techniques that address these risks.
Analyze security data and logs to identify patterns, trends, and indicators of compromise (IOCs) and integrate them into detection rules.
Perform regular rule maintenance and review to ensure continuous relevance and effectiveness.
Work with incident response and threat intelligence teams to correlate data across multiple sources and improve detection capabilities.
Monitor Exabeam performance, troubleshoot issues, and optimize the platform’s detection accuracy and responsiveness.
Document detection rule logic, tuning processes, and provide guidance on detection rule lifecycle management.
Qualifications
Required
Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
3+ years of experience in security operations, incident detection, and response, with a focus on SIEM platforms like Exabeam.
Strong experience in developing, tuning, and implementing detection rules within Exabeam.
Knowledge of scripting languages (e.g., Python, PowerShell) for data parsing and automation is a plus.
Familiarity with threat intelligence, IOCs, and TTPs of common threat actors.
Strong analytical and problem-solving skills with attention to detail.
Excellent communication skills, with the ability to clearly document rule logic and collaborate with technical and non-technical teams.
Preferred
Exabeam Administrator or Exabeam Advanced Analytics certification.
Experience with network and endpoint security tools, such as firewalls, IDS/IPS, and EDR solutions.
Knowledge of the MITRE ATT&CK framework and its application to threat detection.