Staff Detection Engineer

Job Summary:

• Seeking a Senior Staff Engineer with 1012 years of hands-on experience.
• Responsible for technically leading and driving complex detection engineering initiatives across the organization.
• Requires strong leadership, a deep technical foundation in detections, and a passion for delivering best-in-class detections.
• Responsible for building and optimizing detection content and working on the roadmap to build new content.

Primary Responsibilities:

• Technically lead and drive Content Engineering projects (Detection Engineering) across cloud and on-prem environments.
• Collaborate with product, analytics, and business teams to define and prioritize detection engineering initiatives.
• Evaluate and integrate technologies required to enhance and strengthen the process of building detections.
• Actively participate in incident management, root cause analysis, and performance tuning.
• Identify, design, and implement internal process improvements: automating manual processes, optimizing detection, etc.
• Identify product/process limitations for content-based initiatives and propose plausible solutions.
• Identify and build prototypes for new detection abilities to reduce MTD of threats.
• Implement and use Breach and Attack Simulation Platform for better content delivery.
• Mentor and guide junior content engineers, driving best practices, code quality, and documentation.

Skill Set:

Must-Have Skills:

• 1012 years of experience in Cybersecurity as a Detection Engineer or related roles, with a proven track record of driving initiatives end-to-end.
• Experience in technically leading the SOC.
• Understanding of the MITRE ATT&CK Framework.
• Knowledge of prominent attacker TTPs and building detections for the same.
• Solid understanding of cyber threats and attack vectors.
• Proficient with security technologies such as SIEM, EDR, IDS, IPS, network traffic analysis, endpoint security controls, and SOAR.
• Experience with one or more cloud platforms: AWS, GCP, or Azure.
• Strong fundamentals in network and operating systems concepts.
• Experience working with offensive security testing tools.
• Strong communication skills, especially in writing technical documentation.

Preferred Skills:

• Past experience in detection development with multiple SIEM vendors.
• Experience with Python automation development (good to have).
• Prior cloud detection content experience.