Detection Engineer/SOC Analyst (SOC2)

IT and Software Development, National Capital Region

Description

Responsibilities
 
You’ll be a key member of our SOC team, crafting innovative analytics to detect advanced threat actors and ensure our current analytics are in their best shape. Backed by our team you’ll:

  • Create advanced analytic rules based on the latest actor TTPs
  • Tune and test existing analytics to ensure they are functioning correctly
  • Manage CTI streams which feed our analytics
  • Develop SOAR capabilities that enrich detections and weaponise threat intelligence
  • Assess and expand our coverage across the MITRE ATT&CK framework
  • Assist our SOC team with investigations where required
  • Constantly grow and develop whilst working at the edge of what’s currently possible
 
Required Skills and Qualifications

  • At least 2 years writing analytics for a prominent SIEM or equivalent experience
  • At least 3 years in the security or IT industry, ideally working within a SOC
  • Demonstrated experience working with large volumes of atomic indicators
  • Demonstrated experience with purple team tools such as Atomic Red Team, Metasploit, etc.
  • Familiarity with the MITRE ATT&CK framework
  • A sound understanding of modern threat actors, their tactics, techniques and procedures
  • Familiarity with SOAR, including scripting languages such as PowerShell and/or Python
  • Experience working within a Microsoft stack including Defender and Sentinel is desirable but not essential
  • Experience tuning analytics to ensure triggers are accurate
  • Ability to learn quickly and adapt to the ever-evolving threat landscape