Join our Talent Network
Skip to main content

Security Engineer - Detections L1

This job posting is no longer active.

Location: Pune, MH, India
Date Posted: Jan 17, 2022

Job Description


Securonix provides the Next Generation Security and Information Event Management (SIEM) solution. As a recognized leader in the SIEM industry, Securonix helps some of the largest global organizations detect sophisticated cyberattacks and rapidly respond to these attacks within minutes. With the Securonix SNYPR platform, organizations can collect billions of events each day and analyze them in near real-time to detect advanced persistent threats (APTs), insider threats, privilege account misuses and online fraud. Securonix pioneered the User and Entity Behavior Analytics (UEBA) market and holds patents in the use of behavioral algorithms to detect malicious activities. The Securonix SNYPR platform is built on big data Hadoop technologies and is infinitely scalable.
We are looking at passionate threat detection engineers who like to fight bad guys by helping organizations detect attackers within the shortest MTD possible. You will be part of the Securonix Threat Labs team that is responsible for building the security analytics content, anomaly and threat detection models for the Securonix Snypr Next Generation SIEM platform and responding and providing awareness of advanced cyber and insider threats to our community. Our team's mission is to continuously develop detection methods to address the constantly shifting threat landscape and detect the latest real-world cyberattacks.
What your role entails:
  • Responsible for maintaining policies and threat-models in the Snypr platform
  • Ensure detection content is sufficiently tested and validated before pushing to production
  • Submit clear documentation around the detection content developed
  • Engage with customers for custom threat detection development requirement
  • Triage customer tickets and provide technical support for issues in customer environment associated to detection content
  • Provide on-call support during weekdays and weekends, if required
  • Proactively monitor reports and dashboards tracking content metrics from the field and flag issues
  • Help generate or collect sample logs relevant for resolution of detection tickets
  • Document RCAs for issues resolved
What skills you posses:
  • At-least 1 year of prior experience in building threat detection content for SIEM platforms like ArcSight, QRadar, Splunk, Logrhythm, etc.
  • Understanding of the different MITRE ATT&CK Matrices
  • Strong fundamentals in network and operating systems concepts
  • Experience working with offensive security testing tools
  • Ability to automate basic tasks using scripting languages like Python
  • Experience in GIT and SVN based code management
  • Strong written and verbal communication skills
Additional skills that would give you an advantage
  • Prior investigations and response / SOC experience
  • Information security professional certifications (OSCP, CEH, etc.)
  • Developer or contributor to open-source attack or defense cyber-security tools
  • Experience building playbooks / automated response actions on SOAR
Securonix, Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state and local laws. Securonix complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Securonix expressly prohibits any form of unlawful employee harassment based on race, color, religion, gender, sexual orientation, national origin, age, genetic information, disability or veteran status. Improper interference with the ability of Securonix employees to perform their expected job duties is absolutely not tolerated.
Save Job Saved
Share: mail

Similar Jobs