We are seeking a talented, tech-savvy Detection Engineer to join our Cyber Security team and elevate detection and response capabilities across cutting-edge systems.
Responsibilities
Lead initiatives to enhance our capabilities for effectively detecting and responding to security incidents.
Design, develop, and refine detection rules, alerts, and dashboards across security platforms to identify malicious or suspicious behavior.
Deploy, manage, and maintain the infrastructure components of various detection platforms (including indexers, search heads, forwarders, and clusters) to ensure high availability, optimal performance, and scalability.
Parse and analyze logs from endpoints, servers, network devices, cloud services, EDR/XDR, and more.
Automate detection pipelines and content deployment using Detection-as-Code methodologies and CI/CD frameworks.
Tune and optimize detection logic to minimize false positives and enhance alert fidelity.
Collaborate with other teams to continuously improve detection coverage.
Integrate with SOAR tools and workflows, developing playbooks that enhance speed and consistency of incident response.
Perform proactive threat hunting, alert triage, and incident investigations, leveraging threat intelligence and different cybersecurity frameworks.
Requirements
Experience: Minimum 4 years in detection engineering or equivalent roles.
SIEM proficiency: Hands-on experience with Splunk or Azure Sentinel is mandatory; working with both is highly desirable.
Familiarity with Detection as Code frameworks and CI/CD best practices.
Hybrid environment: Experience operating across Linux/Windows on-premises and cloud infrastructure.
Security fundamentals: Strong grasp of networking, operating systems, EDR/XDR, IDS/IPS, proxies, firewalls, and endpoint behaviour.
Analytical mindset: Able to distinguish between false positives and true alerts and continuously refine detections.
Collaboration & communication: Work effectively across teams to implement robust detection strategies.
Self-driven: DIY approach, adept at researching, building, and deploying solutions end-to-end.
This position is open to all candidates.