Threat Detection Engineer
US Remote
Box
Box empowers your teams by making it easy to work with people inside and outside your organization, protect your valuable content, and connect all your apps.

The Threat Detection Engineer is responsible for threat hunting and detection within the Threat Operations Team. This role collaborates with other teams within Security Operations, IT, and Engineering to identify and remediate detection gaps. The Detection Engineer also works with the Intelligence Team to assess and prioritize behaviors to hunt and to build automated detections for them.

WHAT YOU'LL DO
- Build, test and deploy detection analytics based on research into novel attack techniques and real-world threats to Box.
- Work closely with our Incident Response Team to improve the fidelity, context and automation of new and existing alerting.
- Identify and assist service owners with logging configuration to eliminate gaps in logging visibility.
- Work closely with our Offensive Security Team to identify and develop solutions for gaps in detection coverage.
- Participate in Purple Team exercises to improve and validate detections.
- Work closely with our Intelligence Team to focus detection efforts on prioritized threat behaviors.
- Participate in the after-hours on-call rotation when required.
- A Bachelor's degree in computer science, cybersecurity, mathematics, data science or a related field, or equivalent work experience.
- 4+ years of experience in a security operations role.
- You are comfortable with (and enjoy!) searching through terabytes of data in a SIEM (e.g. Splunk, ELK) to find interesting patterns.
- You are familiar with Splunk's Search Processing Language (SPL) or SQL and want to become a power user.
- You have worked as an incident responder or have partnered closely with an incident response team.
- You are comfortable writing small scripts in python or similar scripting languages.
- You have an understanding of how attackers leverage commonly used MITRE ATT&CK techniques and common ways to detect them.
- You are familiar with reviewing logs from various operating systems (macOS, Linux, Windows).
- Visit this webpage to check out all of our exciting healthcare benefits: https://join.collectivehealth.com/box
- For all other benefits, please check out: Box Benefits + Perks
Tags: Analytics Automation Cloud Computer Science ELK Incident response Linux MacOS Mathematics MITRE ATT&CK Offensive security Privacy Python Scripting SIEM Splunk SQL Threat detection Windows
Perks/benefits: Health care