Threat Detection Engineer
1. Threat Detection Engineer with experience using the MITRE ATT&CK Framework for advisory support on threat detection creation, gap assessment and analysis
   - Will be standing up a threat management solution to move toward a detection management life cycle (SnapAttack or CardinalOps)
2. Apply threat detection expertise within Splunk, CrowdStrike, SentinelOne, Cloud (GCP preferred), Kubernetes and Anthos
3. Develop and maintain automation scripts and tools to streamline security detection operations and response
4. Work collaboratively across the Threat Intel and Security Operations teams
5. Work within Confluence or Jira for tracking and documentation

Job Description

We are seeking a talented and motivated Sr. Detection Engineer to join our team. As a Detection Engineer, you will play a pivotal role in implementing, maintaining and advancing our threat detection mechanisms to protect our critical business operations. The team currently has detections that need documentation, refinement and solutioning.

Job Summary:

As a Detection Engineer, your primary focus will be on implementing, configuring, and maintaining security detection rules and mechanisms within our on-premise and Google Cloud environments. Your expertise will contribute to our mission of safeguarding our assets and ensuring the highest level of security for our cloud infrastructure. This role requires in-depth knowledge of detection engineering, incident response, investigations, and emerging threat trends.

Key Responsibilities:

* MITRE ATT&CK Framework: Utilize the MITRE ATT&CK Framework for threat detection creation, gap assessment and analysis.
* Security Detection Implementation: Implement, configure, and maintain security detection rules and mechanisms, including intrusion detection, anomaly detection, and log analysis tools, to identify and respond to security incidents.
* Security Operations: Play a critical role in the day-to-day security operations, including monitoring, tuning, analysis, and proactive threat hunting.
* Incident Response: Lead incident response efforts, investigate security incidents, conduct root cause analysis, and implement corrective measures.
* Kubernetes Incident Response: Apply expertise in Kubernetes for incident response and forensic analysis.
* Security Automation: Develop and maintain automation scripts and tools to streamline security detection operations and response.
* SOAR Playbooks: Build, design, run, and troubleshoot playbooks within a SOAR (Security Orchestration, Automation, and Response) solution to automate incident response processes.
* Documentation: Maintain comprehensive documentation of security detection configurations, incident response procedures, and investigations.
* Stay Current: Stay up-to-date with the latest security threats, vulnerabilities, and industry trends to proactively enhance security detection measures.
* Experience with Splunk, CrowdStrike, SentinelOne, Kubernetes, Cloud (GCP preferred with Anthos).

*Additional Skills & Qualifications*

* Experience with cloud security detection tools and technologies, including intrusion detection, anomaly detection, and log analysis.
* Bachelor's degree or related field experience; Google Cloud Professional Cloud Security Engineer certification or equivalent experience.
* Proficiency in scripting and automation (e.g., Python, Bash).
* Experience in incident response, investigations, and security operations.
* Proficiency in Kubernetes with a focus on incident response and forensic analysis.
* Familiarity with the MITRE ATT&CK Framework for threat detection and mitigation.
* Experience working with Splunk Enterprise Security or similar SIEM solutions.
* Excellent problem-solving and analytical skills.
* Strong communication and teamwork skills.
* Relevant certifications such as CISSP, GCIH, GCIA, Certified Kubernetes Administrator (CKA), or Splunk certifications are a plus.

*Pay and Benefits*

The pay range for this position is $55.00 - $55.00/hr.

Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:

* Medical, dental & vision
* Critical Illness, Accident, and Hospital
* 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available
* Life Insurance (Voluntary Life & AD&D for the employee and dependents)
* Short and long-term disability
* Health Spending Account (HSA)
* Transportation benefits
* Employee Assistance Program
* Time Off/Leave (PTO, Vacation or Sick Leave)

*Workplace Type*

This is a hybrid position in Remote, OR.

*Application Deadline*

This position is anticipated to close on Mar 5, 2025.

About TEKsystems:

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.