Join our Talent Network
Skip to main content

Detection Engineer (Cloud) - L3

Location: Pune, MH, India
Date Posted: Nov 19, 2021

Job Description

Description

We are looking at passionate threat detection engineers who like to fight bad-guys by helping organizations detect attackers within the shortest MTD possible. You will be part of the Securonix Threat Labs team that is responsible for building the security analytics content, anomaly and threat detection models for the Securonix Snypr Next Generation SIEM platform and responding and providing awareness of advanced cyber and insider threats to our community. Our team's mission is to continuously develop detection methods to address the constantly-shifting threat landscape and detect the latest real-world cyberattacks.


What your role entails
  • Responsible for development of new policies, threat-models, dashboards and reports in the Snypr platform
  • Ensure detection content is sufficiently tested and validated before pushing to production
  • Develop detection content in timely manner while ensuring quality
  • Keep yourself updated on latest threats and community published research, tools for improving threat detection
  • Submit clear documentation around the detection content developed
  • Identify and build prototypes for new detection abilities that can be introduced to reduce MTD of threats
  • Translate threat intelligence into actionable detection
  • Engage with customers for custom threat detection development requirement
  • Provide L3 support for issues in customer environment associated to detection content
  • Review detection related metrics from production environment to optimize detection content
  • Identify and document RCA for issues and share details back with team
  • Perform fine-tuning exercises in customer environments
  • Submit bugs , features or improvements to improve quality of detections and capability of platform
  • Perform QA on content developed by other team members
  • Help build and maintain test lab for threat detection
  • Enhance processes that support the team’s mission
  • Provide escalation support for P1 issues on week-ends if required
What skills you posses
  • At-least 4 years of prior experience in building threat detection content for SIEM platforms
  • 2+ years of experience building detections for at-least two of the below technologies
    • Microsoft Azure
    • Microsoft 365
    • Google Cloud Platform (GCP)
    • Google Workspace
  • Understanding of the different MITRE ATT&CK Cloud Matrix
  • Knowledge of prominent attacker TTPs and building detections for the same
  • 3+ years of experience with the use case creation lifecycle from development , tuning, and updates 
  • Strong fundamentals in network and operating systems concepts
  • Experience working with offensive security testing tools
  • Ability to automate basic tasks using scripting languages like Python
  • Strong written and verbal communication skills
Additional skills that would give you an advantage
  • Prior investigations and response / SOC experience
  • Cloud security certifications from Azure, GCP or AWS
  • Information security professional certifications (SANS GIAC, CISSP etc.)
  • Developer or contributor to open-source attack or defense cyber-security tools
  • Experience building playbooks / automated response actions on SOAR
 
Securonix, Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state and local laws. Securonix complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Securonix expressly prohibits any form of unlawful employee harassment based on race, color, religion, gender, sexual orientation, national origin, age, genetic information, disability or veteran status. Improper interference with the ability of Securonix employees to perform their expected job duties is absolutely not tolerated.
 
Save Job Saved
Share: mail

Similar Jobs