Deepwatch is seeking a Detection Engineer to join their team of world-class cybersecurity professionals. The Detection Engineer will serve as a subject matter expert in cybersecurity detections and participate in strategy, creation, tuning, validation, and correlation to ensure effective detections for Deepwatch customers.

Requirements

Experience working for a Managed Security Service Provider (MSSP) or similar cybersecurity organization
Experience working and querying SIEM tools or other log-based data preferably Splunk
Experience in engineering event detection & response tuning
Ability to engineer creative, scalable, and out-of-the-box solutions
Up to date with engineering best practices, security technology trends, tools, and frameworks
Experience in developing detections for attacker tactics, techniques, and procedures (TTPs)
Able to both investigate and create security rules in at least 1 SIEM
Understanding of general enterprise network architecture and security incident response
Understanding of common enterprise technologies and logging capabilities including Cloud, IDS/IPS, Firewalls, Active Directory, Anti-Virus/EDR, Proxies, and Email Gateway
Understanding of various attack frameworks such as MITRE ATT&CK and general adversarial / defensive security techniques (e.g. the Cyber Kill Chain, and NIST)
Ability to communicate and document technical information effectively towards various audience

Benefits

Medical, dental, vision, and disability insurance
Flexible Time Off (FTO), 12 company holidays, sick leave and 8-Weeks Paid Parental Leave
401(K) retirement program
Unique professional development benefits with Annual “development dollars” to support our people growth and development
Wellness contests and monthly educational programs

Requirements

Experience working for a Managed Security Service Provider (MSSP) or similar cybersecurity organization

Experience working and querying SIEM tools or other log-based data preferably Splunk

Experience in engineering event detection & response tuning

Ability to engineer creative, scalable, and out-of-the-box solutions

Up to date with engineering best practices, security technology trends, tools, and frameworks

Experience in developing detections for attacker tactics, techniques, and procedures (TTPs)

Able to both investigate and create security rules in at least 1 SIEM

Understanding of general enterprise network architecture and security incident response

Understanding of common enterprise technologies and logging capabilities including Cloud, IDS/IPS, Firewalls, Active Directory, Anti-Virus/EDR, Proxies, and Email Gateway

Understanding of various attack frameworks such as MITRE ATT&CK and general adversarial / defensive security techniques (e.g. the Cyber Kill Chain, and NIST)

Ability to communicate and document technical information effectively towards various audience

Benefits

Medical, dental, vision, and disability insurance

Flexible Time Off (FTO), 12 company holidays, sick leave and 8-Weeks Paid Parental Leave

401(K) retirement program

Unique professional development benefits with Annual “development dollars” to support our people growth and development

Wellness contests and monthly educational programs

Detection Engineer

About the Company

Job Description

Requirements

Benefits

Similar Jobs

Detection Engineer

Detection Engineer

Detection Engineer

Detection Engineer

About the Company

Job Description

Requirements

Benefits

Similar Jobs

Detection Engineer

Detection Engineer

Detection Engineer

Job Details

About Deepwatch