Design, develop, and maintain high-fidelity detection rules, signatures, and analytics for enterprise security tools to identify known and emerging threats
Job Summary
Design, develop, and maintain high-fidelity detection rules, signatures, and analytics for enterprise security tools to identify known and emerging threats.
Lead advanced security investigations and conduct proactive threat hunting across network, endpoint, and cloud environments to identify hidden threats and security gaps.
Develop automation scripts and tools to streamline security operations, facilitate data parsing, integrate security tools, and enhance response capabilities.
Skills & Requirements
Must-have
Develop and Implement Custom Detections
Tier 3 Security Investigations
Proactive Threat Hunting
Security Orchestration, Automation, and Response (SOAR)
SIEM, EDR, IDS/IPS proficiency
Scripting languages (Python, PowerShell, Bash)
Nice-to-have
Collaborate with MSSP partners
Continuous improvement and documentation
Stay abreast of the latest security threats
Google Cloud Platform (GCP) experience
Kubernetes incident response
Key Requirements
4-6 years of experience in SOC, NOC, Digital Forensics, or IR
Proficiency in SIEM systems (Splunk, LogRhythm, Google SecOps, Elastic)
Strong knowledge of EDR and IDS/IPS
Proficiency in scripting languages (Python, PowerShell, Bash)