Threat Detection Engineer

Job Title Threat Detection Engineer Relevant Experience (in Yrs) 6+ Technical/Functional Skills ELK stack, Fireeye HX, Sysmon, Winlogbeat Experience Required 6+ Roles & Responsibilities Technical knowledge to write & develop rules for CIRT analysis, experience on ELK stack, Fireeye HX, Sysmon, Winlogbeat, CI-CD pipeline. • Deep understanding of cyber threat actor attacker techniques and tools (such as malware, common attack types) including evasion techniques, reconnaissance, scanning, exploitation, evasion, lateral movement, persistence, and exploits), proficient with MITRE ATT&CK • Deep understanding of security operations center processes, tools, and data for analysis & control mitigations, security event timeline analysis and baselining with experience in the analysis of logs and data for the development and implementation of custom detections to counter attacker techniques, known vulnerabilities and evasion methods • Security architecture (network topology, firewalls, proxies, web content filtering, wireless, EDR, IDS, IPS, SIEM, SOAR, etc.) • Network data sources (full packet analysis, flow data, dns logs, proxy logs, NIDS, etc.) • Knowledge and experience with common scripting languages and tools Python, PowerShell, Bash, YAML • Deep knowledge of compound logical operations (AND, OR, NOT), regular expressions • Experience extracting data from logs, SQL, and APIs • Knowledge and experience with tools used to build threat detections (Elastalert, Logstash, Kibana (ELK), Fireeye HX, Sysmon, Winlogbeat, Linux Auditd) • Deep understanding and experience with Operating Systems Including: Administration, configuration, registry, processes (Windows, Mac, and Linux) • Experience in red team/blue team/incident responder interactions • Understanding of CI/CD pipelines • Experience with source control tools (Git Generic Managerial Skills Good Communication, Team coordination and Status update to customers Education B. Tech Start date (dd-mmm-yy) 04-MAY-23 Duration of assignment (in Months) 3 to 6 Months Work Location (State, City and Zip) Remote, San Antonio,TX Base salary range 120-125k Key words to search in resume Develop Use cases for Threats, Python, Bash scripting Prescreening Questionnaire Do you have experience in (Elastalert, Logstash, Kibana (ELK) & Develop Use cases for Threats Apply tot his job