Our client: US-based cybersecurity company headquartered in New York City
Location: Remotely from Poland
Rate: 45 - 55 USD per hour + VAT
Working time: 15:00 - 23:00 (Polish time), business trips up to 10% of working time
Cooperation model: B2B
Start date: ASAP
Recruitment process: 2-3 interviews (screening and two technical interviews about 30 min)
Our Client is a US-based cybersecurity company headquartered in New York City whose mission is to support its clients in mitigating cyber threats. They are focused on three main areas: Cyber Breach Response, Cloud Security Services, and Proactive Cyber Services. Their military-grade professionals have decades of experience in cyber operations and apply their knowledge of the attacker perspective to facilitate efficient, effective, and scalable responses to cyber breaches. Their growing team combines operational and technological disciplines with instinctual methods to keep their clients’ information safe.
Your role is to:
-> Identify areas for improvement and take accountability to drive security topics forward within and outside the team;
-> Develop Security Information and Event Management (SIEM) content, focusing on the Google Cloud Platform, including detection use cases, reports, network and asset model management, dashboards, rules/logic, documentation, and process establishment;
-> Collaborate with other security specialists and experts to support the architecture, design and implementation of services and processes to support our mission of detecting cyber threats;
-> Work in close cooperation with Cyber Intelligence, Incident Response, and the Security Operations Centre for the purpose of extending and strengthening the division’s capabilities relating to threat analytics for cloud services;
-> This will include managing and overseeing a range of sophisticated tools and services aimed at detecting cyber threats/incidents and responding to them in a determined manner.
Your skills and experiences:
-> Min. 3 years of hands-on experience with GCP/AWS or alternatively MS Azure;
-> At least 3 years of work experience in the fields of: Encryption, IAM (Identity & Access Management), Security Monitoring & Incident Response, Network Security, Pen Testing, Security Operations;
-> Experience in SIEM solutions (Splunk, LogRhythm, QRadar) including working with cloud-based SIEM solutions (Splunk, Chronicle, Sentinel);
-> Experience with industry-known detection query languages: YARA, YARA-L, SPL, etc.;
-> Familiarity with Cyber Security Incident Response or computer forensic processes, or a strong interest and capability to learn the fundamentals of security operations within a short time;
-> Experience in automating smaller tasks in a short amount of time, e.g., with scripting languages such as GCP CLI, PowerShell, Go, Python, etc.;
-> Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes within SaaS, IaaS, PaaS, and other cloud environments;
-> Strong English skills (C1).
Our client offers:
+ A possibility to join a team of security consultants investigating computer crimes and breaches that make the headlines – and many more that don’t;
+ Great opportunity for personal development in a stable and friendly multinational company;
+ Competitive salary;
+ Remote work together with participation in global projects;
+ A possibility of growing your craft alongside like-minded professionals.
If interested, please apply safely through this portal (application rules are in accordance with GDPR). Employment agency Nr 17138.