Be an early applicantLess than 25 applicants

Company

Original Job Post

Cyderes · 2 days ago

Senior Detection Engineer

United States

Full-time

Remote

Senior Level

Wonder how qualified you are to the job?

Maximize your interview chances

ComputerNetwork Security

Actively Hiring

Insider Connection @Cyderes

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Design and work with partners to collect detection data and assist in generating meaningful insights

Provide production support for multiple SIEM technologies (Splunk, Chronicle, Sentinel, QRadar, LogRythm, etc)

Assist in the creation of business requirements for iteratively improving detection engineering workflows, processes and procedures

Analyze data on detection rule performance to provide feedback and identify tuning opportunities

Attend client calls when required to discuss detection rule requirements and capabilities

Provide production support and solve complex business-vertical specific issues

Advocate for efficient and appropriate detection rules for clients

Involved in all agile meetings providing feedback to team and project managers

Assist junior engineers in overcoming obstacles, defining and accomplishing goals, and mentorship

Assist in the onboarding of new team members

Work cross-functionally with other members and teams within the entire Cyderes organization on a professional level

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

SIEM AdministrationSecurity OperationsITSM ToolsAPI InteractionOpen-Source Intelligence GatheringDetection Rule LanguagesCommon Security TechnologiesData AnalysisSQLPattern MatchingETLDBMS PlatformsSecurity Threats UnderstandingScripting/AutomationPythonRegular ExpressionsProblem-SolvingCommunicationSplunkSIEM certificationCI/CDGithubGCP environments

Required

Prior experience in one or more SIEM (Splunk, Chronicle, Sentinel, QRadar, LogRythm, etc) platforms’ administration including developing and implementing detection rules and or saved searches

Prior experience in security operations (analyzing/triaging alerts, etc)

Prior experience and proficiency using ITSM tools (Jira, ServiceNow, etc)

Prior experience interacting with APIs (Postman, Insomnia, curl, etc)

Prior experience in open-source intelligence gathering (IOCs, Threat Actors, etc)

High Proficiency in detection rule languages (YaraL, KQL, SPL, AQL, etc)

Strong proficiency interacting with or administering common security technologies (SIEM, EDR, Phishing, IDS/IPS, Firewall, etc)

Strong proficiency analyzing data in common log formats (JSON, YAML, XML, CEF, CSV, etc.)

Strong proficiency in data/log analysis and the relationships between data sets

Proficiency in SQL (joins, aggregation functions, concatenation, case statements, etc)

Proficiency with pattern matching (regular expressions)

Proficiency in extracting, transforming, and loading data

Proficiency in using DBMS platforms (Spanner, BigQuery, MySQL)

Proficiency in understanding security threats (Insider, APT, Malware, Emerging Threats, etc)

Proficiency scripting/automation using Python or other scripting languages

Strong written and oral communication skills, must be able to explain data and how detection rules use that data to an audience with a variety of technical skills