Detection Engineer

Identified Talent Solutions

Phoenix, Arizona(remote)

JOB DETAILS
SKILLS
Analysis Skills, Automation, Bash Scripting, CISSP - Certified Information Systems Security Professional, Cloud Computing, Communication Skills, Computer Science, Computer Security, Documentation, Enterprise Protection, Forensic Science, GCIA - GIAC Certified Intrusion Analyst, GCIH - GIAC Certified Incident Handler, GCP (Good Clinical Practices), Gap Analysis, Hunting, Identify Issues, Incident Response, Industry/Trade Analysis, Information/Data Security (InfoSec), Intrusion Detection Systems, Operations, Problem Solving Skills, Python Programming/Scripting Language, Root Cause Analysis, Scripting (Scripting Languages), Security Analysis, Security Attacks, Security Information and Event Management (SIEM), Splunk, Team Player
LOCATION
Phoenix, Arizona
POSTED
30+ days ago

Job Summary: We are seeking a skilled Detection Engineer to join our team, focusing on implementing, configuring, and maintaining security detection rules and mechanisms within our customers' on-premise and Google Cloud environments. The ideal candidate will have extensive knowledge in Blue Team operations, day-to-day SOAR activities, Google Cloud Platform (GCP), security automation, and Kubernetes. Your expertise will help protect our customers' assets and ensure top-tier security for their cloud infrastructure.

Key Responsibilities:

  1. MITRE ATT&CK Framework: Utilize the MITRE ATT&CK Framework for threat detection creation, gap assessment, and analysis.
  2. Security Detection Implementation: Implement, configure, and maintain security detection rules and mechanisms, including intrusion detection, anomaly detection, and log analysis tools to identify and respond to security incidents.
  3. Security Operations: Play a critical role in daily security operations, including monitoring, tuning, analysis, and proactive threat hunting.
  4. Incident Response: Lead incident response efforts, investigate security incidents, conduct root cause analysis, and implement corrective measures.
  5. Kubernetes Incident Response: Apply expertise in Kubernetes for incident response and forensic analysis.
  6. Security Automation: Develop and maintain automation scripts and tools to streamline security detection operations and response.
  7. SOAR Playbooks: Build, design, run, and troubleshoot playbooks within a SOAR (Security Orchestration, Automation, and Response) solution to automate incident response processes.
  8. Documentation: Maintain comprehensive documentation of security detection configurations, incident response procedures, and investigations.
  9. Stay Current: Keep up-to-date with the latest security threats, vulnerabilities, and industry trends to proactively enhance security detection measures.

Qualifications:

  • Bachelor's degree in Computer Science, Information Security, or a related field (Master's degree preferred).
  • Google Cloud Professional Cloud Security Engineer certification or equivalent experience.
  • Extensive experience with cloud security detection tools and technologies, including intrusion detection, anomaly detection, and log analysis.
  • Proficiency in scripting and automation (e.g., Python, Bash).
  • Proven experience in incident response, investigations, and security operations.
  • Strong proficiency in Kubernetes with a focus on incident response and forensic analysis.
  • Familiarity with the MITRE ATT&CK Framework for threat detection and mitigation.
  • Experience working with Splunk Enterprise Security or similar SIEM solutions.
  • Excellent problem-solving and analytical skills.
  • Strong communication and teamwork skills.
  • Relevant certifications such as CISSP, GCIH, GCIA, Certified Kubernetes Administrator (CKA), or Splunk certifications are a plus.
 ***100% REMOTE***

About the Company

I

Identified Talent Solutions