Cyderes · 2 days ago
Senior Detection Engineer
Wonder how qualified you are to the job?
ComputerNetwork Security
Insider Connection @Cyderes
Responsibilities
Design and work with partners to collect detection data and assist in generating meaningful insights
Provide production support for multiple SIEM technologies (Splunk, Chronicle, Sentinel, QRadar, LogRythm, etc)
Assist in the creation of business requirements for iteratively improving detection engineering workflows, processes and procedures
Analyze data on detection rule performance to provide feedback and identify tuning opportunities
Attend client calls when required to discuss detection rule requirements and capabilities
Provide production support and solve complex business-vertical specific issues
Advocate for efficient and appropriate detection rules for clients
Involved in all agile meetings providing feedback to team and project managers
Assist junior engineers in overcoming obstacles, defining and accomplishing goals, and mentorship
Assist in the onboarding of new team members
Work cross-functionally with other members and teams within the entire Cyderes organization on a professional level
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
Prior experience in one or more SIEM (Splunk, Chronicle, Sentinel, QRadar, LogRythm, etc) platforms’ administration including developing and implementing detection rules and or saved searches
Prior experience in security operations (analyzing/triaging alerts, etc)
Prior experience and proficiency using ITSM tools (Jira, ServiceNow, etc)
Prior experience interacting with APIs (Postman, Insomnia, curl, etc)
Prior experience in open-source intelligence gathering (IOCs, Threat Actors, etc)
High Proficiency in detection rule languages (YaraL, KQL, SPL, AQL, etc)
Strong proficiency interacting with or administering common security technologies (SIEM, EDR, Phishing, IDS/IPS, Firewall, etc)
Strong proficiency analyzing data in common log formats (JSON, YAML, XML, CEF, CSV, etc.)
Strong proficiency in data/log analysis and the relationships between data sets
Proficiency in SQL (joins, aggregation functions, concatenation, case statements, etc)
Proficiency with pattern matching (regular expressions)
Proficiency in extracting, transforming, and loading data
Proficiency in using DBMS platforms (Spanner, BigQuery, MySQL)
Proficiency in understanding security threats (Insider, APT, Malware, Emerging Threats, etc)
Proficiency scripting/automation using Python or other scripting languages
Strong written and oral communication skills, must be able to explain data and how detection rules use that data to an audience with a variety of technical skills
Preferred
Splunk or other SIEM certification is a plus
Understands the basics of CI/CD (Github, Github actions)
Knowledge of GCP environments is a plus
Company
Cyderes
CYDERES is a human-led, machine driven security operations automation security-as-a-service solution for Managed Detection & Response.
Funding
Current Stage
Early StageTotal Funding
unknownKey Investors
Gary Fish
2017-06-01Seed· Undisclosed
Recent News
The Business Journals
2024-05-24
2024-05-24
GlobeNewswire
2024-05-24
Company data provided by crunchbase