Senior Detection Engineer

BeyondTrust is a place where you can bring your purpose to life through the work that you do, creating a safer world through our cyber security SaaS portfolio.

Our culture of flexibility, trust, and continual learning means you will be recognized for your growth, and for the impact you make on our success. You will be surrounded by people who challenge, support, and inspire you to be the best version of yourself.

The Role:

As a Senior Detection Engineer, you’ll use your deep security domain knowledge to help build a new ITDR solution with a security lake at its center. You’ll become an identity security expert, and along with a team of like-minded individuals you will figure out new and innovative ways to counter modern identity threats, setting a clear vision for the detection portion of the product and driving and implementing our detection roadmap. You will be challenged daily with some of the hardest technology and security problems within the company.

What You’ll Do:

• Define and deliver innovative solutions for detecting identity-based attacks and vulnerabilities using rule-based analytics, behavioral analytics, and machine learning.
• Provide technical leadership to support product and engineering teams developing threat detection and response capabilities.
• Explore customer data using spark and other tools to test detection hypotheses.
• Implement detections using pyspark and spark sql.
• Continuously collect and analyze telemetry from detections in the field and tune them for quality.
• Develop ML models to support advanced detections.
• Build custom representations of data (e.g. graphs) to support other advanced detections.

What You’ll Bring:

• Experience working and querying SIEM tools or other log-based data
• Experience in engineering event detection & response tuning
• Knowledge of MITRE ATT&CK framework and general adversarial / defensive security techniques
• Ability to engineer creative, scalable, and out-of-the-box solutions
• Up to date with engineering best practices, security technology trends, tools, and frameworks
• Experience in developing detections for attacker tactics, techniques, and procedures (TTPs)
• Preferred: Knowledge of cloud technologies, virtualization, containers, service-mesh
• Big data experience or a willingness to learn!

Technologies You Should Know

• Preferred: Spark
• Required: Python
• Preferred: Big data experience
  
  

Better Together

Diversity. Inclusion. They’re more than just words for us. They are the guiding values of how we build our teams, cultivate leaders, and create a culture where people feel connected.

We take care of our employees so they can take care of our customers. Customers who come from all walks of life just like us. We hire incredible people from diverse backgrounds because when we are different together, we are stronger together.

About Us

BeyondTrust is the worldwide leader in intelligent identity and access security, empowering organizations to protect identities, stop threats, and deliver dynamic access to empower and secure a work-from-anywhere world. Our integrated products and platform offer the industry's most advanced privileged access management (PAM) solution, enabling organizations to quickly shrink their attack surface across traditional, cloud, and hybrid environments.

Learn more: www.beyondtrust.com