Threat Detection Engineer

This is a fully remote position, open to applicants in United States.

📋 Description

• Conduct in-depth analysis of terabytes of SaaS Application data to pinpoint new attack vectors, emerging threats, and vulnerabilities across multiple attack surfaces.

• Keep abreast of the latest trends in cybersecurity and contribute to the creation of innovative threat detection methodologies.

• Apply your technical expertise to investigate intricate SaaS and AI security incidents, analyzing data from various SaaS applications to reveal root causes and attack methods.

• Utilize your data analysis and correlation skills to refine detection rules and algorithms, reducing false positives and improving the accuracy of the platform's threat alerts.

• Lead thought leadership initiatives by producing technical blog posts, delivering webinars, and presenting at conferences to share insights, educate the community, and bolster the company's reputation in the cybersecurity sector.

• Collaborate with security researchers and data scientists to devise new threat detection strategies based on SaaS attack vectors and industry developments.

• Continuously monitor and assess SaaS attack techniques, adapting the security posture in response to evolving threats.

• Work with APIs and integrations to collect security logs from various SaaS platforms, correlating signals to identify genuine threats.

⛳️ Requirements

• A minimum of 5 years of experience in cybersecurity, ideally within SOC, SIEM, Threat Intelligence, or Cloud Security.

• Familiarity with SaaS security challenges, including shadow IT, OAuth risks, IDP misconfigurations, and excessive permissions.

• Practical experience in security data analysis, encompassing large-scale log processing, anomaly detection, and behavioral analytics.

• Proficient in SQL (e.g., ClickHouse) for querying security events and correlating threat indicators.

• A solid understanding of identity-based attacks, insider threats, and SOC detection methodologies.

• Knowledge of SIEM and XDR solutions (e.g., Splunk, Sentinel, Chronicle) and their significance in contemporary detection engineering.

• Strong analytical and problem-solving abilities to triage security incidents and enhance detection rules.

🏝️ Benefits

• Competitive salary and comprehensive benefits package.

• Opportunities for professional development and continuous learning.

• Flexible work environment and work-life balance initiatives.

• Access to cutting-edge tools and technologies in cybersecurity.