Senior Threat Detection Engineer

We are looking for an experienced Threat Detection Security Engineer who will partner with cross-functional teams in a rapidly growing environment to assess, analyze, and build tailored security detections. You will work in a highly dynamic environment, along with various security experts, to research attack vectors targeting Guidewire and develop high fidelity detection signals that could be consumed by our Incident Response Team. A successful candidate is expected to execute and drive the detection engineering program with minimal guidance.

Responsibilities

• Work closely with the Security Operations Center (SOC) and engineering teams to improve and build new tailored high fidelity security detections.
• Engage with Security SME within the team to build threat detection framework and mature the detection engineering and threat hunting program
• Experience with creating and implementing content in EDR, SIEM, and SOAR
• Develop advanced alerting capabilities based on threat intelligence, post-incident findings, new threats, and vulnerabilities
• Improve threat detection and incident response workflows with automation and enrichments
• Stay informed on modern attack techniques and MITRE TTP’s to integrate knowledge into new detections
• Develop policies, standards and guidelines for threat detection and hunting.
• Support the Security Incident Response team in high impacting events
• Measure and track metrics for the detection engineering process to show progress towards goals and track gaps in detection coverage
•  Participate in Purple Team Exercises focusing on discovering improvement opportunities

Requirements

• 5 years+ experience in threat detection or threat hunting
• Strong experience building detection logic utilizing security logs to detect malicious activity with high fidelity across a broad set of detection use cases
• Broad knowledge of Active Directory, Microsoft Security products, Identity Management, network security, endpoint security, cloud security, vulnerability management, security incident response and malware. 
• Experience with leveraging agile development lifecycle and methodology to operationalize detection engineering program is a plus.
• Experience with building detection signals in cloud environments (AWS/GCP) is a plus.
• Ability to automate solutions to repetitive problems/tasks using scripting languages
• Ability to communicate ideas and proposals concisely, both verbally and written to senior staff members

About Guidewire
Guidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently. We combine digital, core, analytics, and AI to deliver our platform as a cloud service. More than 450 insurers, from new ventures to the largest and most complex in the world, run on Guidewire.
As a partner to our customers, we continually evolve to enable their success. We are proud of our unparalleled implementation track record with 1000+ successful projects, supported by the largest R&D team and partner ecosystem in the industry. Our Marketplace provides hundreds of add-ons that accelerate integration, localization, and innovation.
For more information, please visit www.guidewire.com and follow us on Twitter: @Guidewire_PandC.
Guidewire Software Inc. provides equal employment opportunities to all applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. All offers are contingent upon passing a criminal history and other background checks where it's applicable to the position.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.