Security Engineer - Detections - L1

Security: Content, Research, Analytics Addison, Texas


Description

We are looking at passionate threat detection engineers who like to fight bad-guys by helping organizations detect attackers within the shortest MTD possible. You will be part of the Securonix Threat Labs team that is responsible for building the security analytics content, anomaly and threat detection models for the Securonix Snypr Next Generation SIEM platform and responding and providing awareness of advanced cyber and insider threats to our community. Our team's mission is to continuously develop detection methods to address the constantly-shifting threat landscape and detect the latest real-world cyberattacks.


What your role entails:
  • Help develop policies and threat-models in the Snypr platform
  • Ensure detection content is sufficiently tested and validated before pushing to production
  • Develop automation framework for creation, validation and deployment of detection content
  • Submit clear documentation around the detection content developed
  • Work towards improving detection engineering processes
  • Engage with customers for custom threat detection development requirement
  • Triage customer tickets and provide L1 technical support for issues in customer environment associated to detection content
  • Remain aware of latest threats and associated tools, techniques and actors
  • Perform evaluations of open-source or commercial products for integration or improvement in threat detection
  • Build scripts/tools for automation of in-house projects
  • Provide on-call support during weekdays and weekends, if required
What skills you posses:
  • Strong fundamentals in network and operating systems concepts
  • An understanding of offensive cybersecurity domain and how threat actors operate
  • Experience with scripting and automation using Shell scripts, Python and/or Powershell
  • Comfortable with CLI and Linux environments
  • Working knowledge of MySQL queries
  • Self-starter with the ability to solve complex problems and deliver innovative solutions
  • Strong analytical capabilities 
  • Understanding of the different MITRE ATT&CK Matrices
  • Experience working with SigmaHQ open-source framework
  • Experience in GIT and SVN based code management

Securonix, Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state and local laws. Securonix complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training. Securonix expressly prohibits any form of unlawful employee harassment based on race, color, religion, gender, sexual orientation, national origin, age, genetic information, disability or veteran status. Improper interference with the ability of Securonix employees to perform their expected job duties is absolutely not tolerated.