CyberSecurity Detection Engineer

Remote, United States

Applications have closed

Avertium

Avertium is a cyber fusion company with a programmatic approach to measurable cyber maturity outcomes. 

View company page

Avertium is the security partner that companies turn to for end-to-end Cybersecurity solutions that attack the chaos of the cybersecurity landscape with context. By fusing together human expertise and a business-first mindset with the right combination of technology and threat intelligence, Avertium delivers a more comprehensive, more programmatic approach to cybersecurity - one that drives action on the ground and influence in the boardroom. That's why over 1,200 mid-market and enterprise-level organizations across 15 industries turn to Avertium when they want to be more efficient, more effective, and more resilient when waging today's cyber war. Show no weakness.®
Avertium’s Cyber Threat Intelligence team is seeking a detection engineer to create custom detection rulesets and other content for a variety of security platforms, including SIEM, EDR, SOAR, etc.  As a Cybersecurity Detection Engineer, you should have a strong understanding of search query languages and log parsing strategies, as well as experience creating custom content for at least one security platform.  The successful candidate will have excellent written communication and documentation skills and a strong attention to detail. 

Responsibilities:

  • Interface with Emergent Threat Researchers to stay apprised of new developments in the cybersecurity threat landscape 
  • Translate threat intelligence into actionable detection methods 
  • Develop custom detection content for emergent threats such as zero day exploits, novel TTPs, and threat actors 
  • Collaborate with Intelligence Systems Integrators on custom tools and applications to enhance and automate detections 
  • Identify opportunities for automation and build solutions to improve operational efficiency 
  • Deploy and maintain lab environments for exploit reproduction and malware analysis 
  • Reproduce and analyze attacks and exploits 
  • Train engineering teams on detection deployment processes 
  • Write technical documentation 

Qualifications for success:

  • Required:
  • Proven experience in a similar role 
  • Experience developing custom detection content for at least one security platform 
  • Ability to learn new tools and search languages 
  • Experience with Open Source software with varying levels of documentation 
  • Natural curiosity 
  • Preferred 
  • Experience with SIEMs such as MS Sentinel, Splunk, etc. 
  • Experience with EDRs such as SentinelOne, CarbonBlack, Cisco AMP, etc. 
  • Experience with pattern matching languages such as Regex, SIGMA, KQL, etc. 
  • Experience with data visualization tools such as PowerBI, Grafana, etc. 
In addition to a career in the challenging world of cyber security, Avertium offers competitive salaries, full benefits, unlimited paid time off, participation in 401(k), and opportunities for professional growth and development. We offer the opportunity to work with cutting-edge security technologies in a stimulating work environment.
Avertium provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Tags: Automation EDR Exploit Exploits Grafana Malware Open Source SIEM SOAR Splunk Threat intelligence TTPs

Perks/benefits: Career development Competitive pay Unlimited paid time off

Regions: Remote/Anywhere North America
Country: United States
Job stats:  39  3  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.