Lead Security Analyst - Detection Engineering
Location
Pune | India
Job description
Experience: 5-10 years
Must Have:
- SPL/KQL language
- Writing queries to detect various threats
- MITRE ATT&CK Matrix Framework
- SIEM tools: Splunk, Devo, and Sumo Logic
- EDR tools: Palo Alto Cortex, SentinelOne, CrowdStrike, Trend Micro, Carbon Black, Cylance
Role & Responsibilities
Hands-on experience with creating threat detection content and investigating alerts in one or more of the following security technologies (hiring multiple roles):
- Microsoft: Sentinel, Defender for Endpoint, 365 Defender, Defender for Cloud, Defender for IoT
- Endpoint Detection and Response (EDR) vendors: Palo Alto Cortex, SentinelOne, CrowdStrike, Trend Micro, Carbon Black, Cylance
- SIEM: Splunk, Sumo Logic, Devo
- Review out-of-the-box threat content from the source vendors for accuracy, and enhance it as needed so that SOC Analysts can investigate and respond efficiently
- Curate community-sourced threat content and verify or correct it for accuracy
- Build or modify existing queries to extract additional information that aids alert resolution
- Create documentation for the SOC Analyst workflow and recommended investigation/remediation steps
- Map threat detection content to the MITRE ATT&CK framework to help display product coverage
- Keep up to date on the latest security product features to ensure content is as efficient as possible
- Experience or familiarity with GitHub, Jira, and Confluence
- Clear and organized communication skills, both spoken and written, in English
- Demonstrated ability to work independently, meet targets and deadlines, incorporate performance improvement feedback, and learn new processes
Experience Required
- 3 years of Security Analyst experience
- 3 years of Threat Detection Engineering experience (modification and creation)
- Experience with the MITRE ATT&CK Matrix Framework or other similar industry standards
Other Technical Skills
- Ability to work through never-before-seen alerts with little to no oversight
- Experience training others and documenting investigation procedures
- Agile methodology (Kanban)