We are looking for a Threat Detection Engineer.
This role combines a blend of skill sets including security operations & incident response, data analytics, risk management, software development, and threat research. If you enjoy researching cloud security issues and developing detection content as code, all in a fast-paced environment with broad collaboration across a diverse team, this role is for you.
Requirements: Professional experience in cloud security-related operations and engineering roles, specifically related to threat detection, incident response, and risk management.
Experience with data analytics, including searching large data sets, correlating attributes, interpreting results, extracting insights, and forming data-driven conclusions.
Experience with searching data with analytics tools including Elastic Search, Splunk, or a SIEM.
A working practical knowledge of at least one of the following Cloud Service Providers: AWS, Azure, GCP, OCI.
A practical understanding of industry security standards and control frameworks such as NIST, CISA, CIS, HIPAA, HISTRUST, PCI and others.
Experience developing, deploying, and maintaining code in formalized software development/CICD workflows including the use of BitBucket to manage code deployments.
Familiarity with the Agile methodology for project management.
Experience in a DevOps or similar role that required use of Python and GO.
Ability to author and run Elastic Search queries and interpret results from large data sets.
Proficient in the English language with strong written and verbal communication skills.
A passion for quality and experience optimizing results.
Bonus Points:
Experience writing detection rules with the Open Policy Agent query language, Rego.
Having served in a role focused on Detection Engineering; writing detection rules used by other teams.
Formalized training or certification in cloud computing, including administration, development, engineering, or architecture.
This position is open to all candidates.