CyberSecurity Detection Engineer
Remote, United States
Avertium
Avertium is a cyber fusion company with a programmatic approach to measurable cyber maturity outcomes.
Avertium is the security partner that companies turn to for end-to-end Cybersecurity solutions that attack the chaos of the cybersecurity landscape with context. By fusing together human expertise and a business-first mindset with the right combination of technology and threat intelligence, Avertium delivers a more comprehensive, more programmatic approach to cybersecurity - one that drives action on the ground and influence in the boardroom. That's why over 1,200 mid-market and enterprise-level organizations across 15 industries turn to Avertium when they want to be more efficient, more effective, and more resilient when waging today's cyber war. Show no weakness.®
Avertium’s Cyber Threat Intelligence team is seeking a detection engineer to create custom detection rulesets and other content for a variety of security platforms, including SIEM, EDR, SOAR, etc. As a Cybersecurity Detection Engineer, you should have a strong understanding of search query languages and log parsing strategies, as well as experience creating custom content for at least one security platform. The successful candidate will have excellent written communication and documentation skills and a strong attention to detail.
Avertium provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Responsibilities:
- Interface with Emergent Threat Researchers to stay apprised of new developments in the cybersecurity threat landscape
- Translate threat intelligence into actionable detection methods
- Develop custom detection content for emergent threats such as zero day exploits, novel TTPs, and threat actors
- Collaborate with Intelligence Systems Integrators on custom tools and applications to enhance and automate detections
- Identify opportunities for automation and build solutions to improve operational efficiency
- Deploy and maintain lab environments for exploit reproduction and malware analysis
- Reproduce and analyze attacks and exploits
- Train engineering teams on detection deployment processes
- Write technical documentation
Qualifications for success:
- Required:
  - Proven experience in a similar role
  - Experience developing custom detection content for at least one security platform
  - Ability to learn new tools and search languages
  - Experience with Open Source software with varying levels of documentation
  - Natural curiosity
- Preferred:
  - Experience with SIEMs such as MS Sentinel, Splunk, etc.
  - Experience with EDRs such as SentinelOne, CarbonBlack, Cisco AMP, etc.
  - Experience with pattern matching languages such as Regex, SIGMA, KQL, etc.
  - Experience with data visualization tools such as PowerBI, Grafana, etc.
Tags: Automation EDR Exploit Exploits Grafana Malware Open Source SIEM SOAR Splunk Threat intelligence TTPs
Perks/benefits: Career development Competitive pay Unlimited paid time off
Regions:
Remote/Anywhere
North America
Country:
United States
Category:
Security Engineering Jobs