We are looking for a Security Research Engineer with a solid technical background in cyber security to lead the implementation and quality of our Velocity XDR detections and content, and to ensure that it meets our clients' cyber security needs.
As a Security Research Engineer in a fast-expanding operations team, you will be responsible for threat detection and research: identifying classic and new attack vectors, emerging threats, and vulnerabilities across various attack surfaces. To excel in this role, you will demonstrate strong technical aptitude, dedication to delivering high-quality work, and a cooperative approach to teamwork.
Main Responsibilities:
Develop and implement detection rules tailored to the unique XDR platform.
Analyze and assess potential threat landscapes, applying this knowledge to enhance detection capabilities.
Ensure the quality, accuracy, and effectiveness of XDR detection rules are consistently maintained.
Work with data from many different security domains across email, identity, endpoint, and cloud to build the most accurate detection rules in the XDR platform.
Identify detection gaps, the capabilities and assumptions behind existing detection rules, and opportunities for improvement, and implement those improvements.
Identify and analyze new and existing attacks and tactics in clients' environments to develop a tailor-made detection plan.
Develop detection rules for new and zero-day vulnerabilities in the XDR platform.
Simulate attacks in the lab, conduct a deep analysis of their behavior, and develop Proofs of Concept (PoCs) and automation scripts to simulate attacks.
Stay up to date with APTs, attacker methodologies, and TTPs.
Own the detection-rule content in the XDR platform and develop the processes and procedures for creating and maintaining detection rules.
Collaborate with Product Management to shape the product roadmap for the detection engine.
Requirements:
Minimum of 3 years of experience in detection engineering, security research, threat research, or red teaming.
Experience delivering security detections for products.
Deep understanding and extensive experience in penetration testing methodologies, tools, and attack simulations.
Experience simulating and analyzing domain attacks.
Experience in simulating real environments and creating lab environments.
Ability to develop Proofs of Concept (PoCs) and automation scripts to simulate attacks.
Experience with Python, SQL, or similar data-analysis tooling.
In-depth understanding of an organization's security posture, risks, and potential attack vectors across all of its perimeters.
Passion for cyber security: staying up to date with new threats and developing new scenarios as the threat landscape evolves.
Solid understanding of various security-related technologies, such as OS internals, EDR, Active Directory, Office 365, cloud technologies (AWS, Microsoft Azure, GCP), network protocols, and security products.
Strong verbal & written communication skills in English.
Team player, able to drive and facilitate projects across disciplines.
2+ years of experience hunting for and investigating security incidents - An advantage.
Experience with OT environments - An advantage.
This position is open to all candidates.