Lead Engineer - Cyber Threat Detection (Cyber Ops & Technology)

Position Overview

The Cyber Threat Detection Engineer will be responsible for mapping security telemetry and detection use cases to the MITRE ATT&CK framework to assess and enhance SOC monitoring coverage. They will proactively create, test, and tune detection rules across SIEM, EDR, and NDR platforms, while continuously reviewing and improving existing use cases. The role requires developing and executing a comprehensive detection engineering strategy, staying current with emerging threat actor TTPs, and maintaining threat detection playbooks.

Role & Responsibilities

• Map security telemetry and data sources monitored by the SOC to the MITRE ATT&CK framework to determine the telemetry coverage
• Proactively create, test and tune new detection use cases for the Security Information and Event Management(SIEM), Endpoint Detection and Response (EDR), and Network Detection and Response (NDR) solutions, among others
• Review and enhance existing detection use cases for the SIEM, EDR, and NDR solutions, among others
• Map the detection use cases to the MITRE ATT&CK framework to determine the SOC monitoring coverage
• Develop, maintain, and execute the detection engineering strategy.
• Keep up-to-date with the latest threat actor Tactics, Techniques and Procedures (TTPs)
• Perform regular updates to threat detection engineering playbooks

Requirements

• 5+ years of experience working in a security operations role and experience developing threat detection rules
• Experience dealing with SIEM, EDR, NDR and SOAR tools
• Working knowledge of operating systems (Windows, Unix) and cloud technologies
• Strong knowledge of security frameworks such as MITRE ATT&CK and how it can be used to understand and defend against cyber attacks
• Able to work independently with minimal supervision

Apply Now

NOTE: It only takes a few minutes to apply for a meaningful career in HealthTech - GO FOR IT!!

#LI-SYNX13