Senior Detection Engineer

The Senior Detection Engineer will serve as a technical expert within the Cyber Defense organization and report directly to the Senior Manager of Security Detection Engineering. The Senior Detection Engineer builds, tests, maintains, and troubleshoots security alerts for use by monitoring teams, maintain and contributes to team operations, and supports complex investigations as necessary. The Senior Detection Engineer will also help make decisions or recommendations to continuously improve security monitoring within the Cox Communications environments. Successful candidates will demonstrate a strong business acumen and possess a blend of general business, technology, and security competencies. This is a unique opportunity to work for a private telecommunications company protecting national critical infrastructure.
Primary Responsibilities:

• Develop, validate, and operationalize monitoring of detection content for SIEM and EDR platforms
• Scope, design, develop and maintain SOAR automations
• Review and remediate alert false positives and SOC tuning requests.
• Troubleshoot log parsing and detection logic in SIEM and EDR platforms.
• Coordinate with and support work by third parties such as Managed Security Service Providers (MSSPs), professional service providers, and project managers.
• Explore and assess potential log sources for investigative and/or detection relevance.
• Participate and engage in purple team campaigns to enhance and develop detection use cases.
• Contribute to Cyber Defense projects, meetings, and ad-hoc requests.
• Assist training of SOC analysts on analysis techniques and detection methodologies.
• Development and maintenance of SDE team policies and procedures.

Qualifications:
Minimum Requirements:

• Bachelor's degree in a related discipline (e.g., Computer Science, Cybersecurity, Information Systems, Engineering, etc.) and 4 years of experience in a SOC related role
  • The right candidate could also have a different combination, such as a master's degree and 2 years' experience; or 8 years' experience in a SOC related role in lieu of degree
• Hands-On experience administering an enterprise level SIEM including maintaining large set of log parsers, correlation rules, and large-scale deployments.
• Experience developing and maintaining detection content in EDR Platforms (CrowdStrike Carbon Black, SentinelOne, etc.)
• Experience using Python, PowerShell, or equivalent scripting language for SOAR automations or data source integrations for a SIEM.
• Experience configuring or maintaining log collection pipelines and parsing log data in formats such as Syslog, JSON, XML, or CEF within SIEM or EDR platforms

Preferred:

• Experience with threat modeling complex applications and large environments
• Familiarity with the usage of REST API for automation or scripting
• Experience threat hunting attacker TTPs across endpoint and network telemetry
• Experience as a stakeholder with large enterprise cybersecurity projects
• Ability to perform independent analysis, distill relevant findings and root cause.
• Ability to communicate complex ideas clearly and effectively using written and verbal communication
• Strong knowledge of network protocols, authentication mechanisms, network and endpoint preventative controls, and operating systems
• Maintains an industry certification such as: CISSP, GCIH, OSCP, CISM, etc

USD 99,000.00 - 165,000.00 per year
Compensation:
Compensation includes a base salary of $99,000.00 - $165,000.00. The base salary may vary within the anticipated base pay range based on factors such as the ultimate location of the position and the selected candidate's knowledge, skills, and abilities. Position may be eligible for additional compensation that may include an incentive program.
Benefits:
The Company offers eligible employees the flexibility to take as much vacation with pay as they deem consistent with their duties, the company's needs, and its obligations; seven paid holidays throughout the calendar year; and up to 160 hours of paid wellness annually for their own wellness or that of family members. Employees are also eligible for additional paid time off in the form of bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, and parental leave.