Job Overview:
This role focuses on developing and refining security detection logic across various SIEM/EDR platforms to enhance threat visibility. It involves collaborating with incident response teams to integrate new threat intelligence and techniques into existing workflows.
About the Role:
We are seeking a skilled Security Monitoring Engineer to strengthen our operational security capabilities. This role suits someone with hands-on experience in security operations who wants to move deeper into building detections, improving signal quality, and supporting proactive threat identification across modern cloud and endpoint platforms.
Key Responsibilities:
* Detection Rule Development: Create, test, and refine detection rules to identify suspicious activity and minimize false positives.
* Event Analysis: Analyze event data to identify indicators of potential threats and recommend enhancements to existing processes.
* Investigation Support: Support investigations by providing in-depth analysis of events and recommending courses of action.
* Cross-Functional Collaboration: Collaborate with cross-functional teams to implement automation workflows and improve operational efficiency.
* Documentation: Develop and maintain accurate documentation of detection logic and procedures.
* Testing and Validation: Participate in testing and validation of new detection use cases to ensure their effectiveness.
Requirements:
* Proven experience in security monitoring and detection engineering.
* Familiarity with SIEM/EDR platforms and ability to develop detection rules.
* Strong analytical and problem-solving skills.
* Excellent communication and collaboration skills.
* Able to work in a fast-paced environment and adapt to changing priorities.