Job Description

• The Cybersecurity Threat Detection Engineer will be responsible for working with all levels of the security program from senior level management to technical rule development engineers and must be able to communicate and present ideas, solutions and evidence using charts and visual workflows.
• They will perform business use requirement reviews and development with senior level business and application owners.
• They will work with threat intelligence analysts to understand the threats environment and assist in the development of use cases.
• They will work with monitoring, triage, and response analysts to understand their visibility requirements.
• They will prioritize the use case road map and lead the use case development work, along with several members of the use case development team.
• They will be highly organized and able to manage and work on multiple workstreams at the same time efficiently.

• 5+ years experience working in a security operations team
• Proficient with Splunk-like query languages, such as eql, kql, etc.
• Strong understanding of EDR tools and query languages
• Proficient in AQL searching as well as AQL logic imbedded within rules
• Expert in Regular expression
• Broad experience in computer and network systems, including IT security.
• Experience in developing, deploying, and operating applications, software, and services.
• Leadership to drive best practices across organizations.
• Experience in collaboration and unifying business areas to ensure business needs are met.

• Proficient in Qradar rule creation and modification
• Good understanding of network fundamentals
• Good understanding of syslog fundamentals
• Strong understanding of QRadar reference sets, reference tables, reference maps and how they interact with rul

Job Tags

Similar Jobs