Back to Job Search

Threat Detection Operations Engineer

  • Location: Plano, Texas, 75024
  • Salary: 65.0
  • Job Type:Contract

Posted about 1 month ago

This international network integration leader has an immediate 6-12+ month contract opportunity in Plano, TX for a Threat Detection Operations Engineer. Will be working remotely initially but must be available to work onsite in Plano, TX in the future. The Threat Detection role focuses on creating detection logic tailored to enterprise threat landscape by using industry-specific intelligence and developed use cases. In this role the candidate is expected to work closely with Security Engineering in onboarding new data sources and with Cyber Threat Intelligence (CTI) personnel for development of relevant threat hunting and alerting use cases across various networks, while maintaining general threat detection process and platform.

KEY RESPONSIBILITIES:
  • Conduct threat detection, incident handling and hunting activities by leveraging security best practices and current detection/response platforms.
  • Classify and prioritize threats through use of cyber threat intelligence, intrusion detection systems, firewalls and other boundary protection devices, and any security incident management products deployed.
  • Develop use cases and create threat detection logic, rules, and alerting in SIEM for response by the Security Operations team.
  • Work with leadership and stakeholders to recommend/implement processes, procedures, and technologies to improve the detection efforts.
  • Operationalize Indicator of Compromise from intelligence feeds by developing, testing, and creating new alerting in the SIEM.
  • Support the 24/7 Security Operations and Incident Response teams.
MINIMUM QUALIFICATIONS:
  • 3+ years of experience in one or more of the following areas: offensive/defensive hunt techniques, malware analysis and Incident Response.
  • Experience with content development and alert tuning.
  • Expert knowledge of network monitoring and network exploitation techniques
  • Ability to demonstrate analytical expertise, close attention to details, excellent critical thinking and learn and adapt quickly.
  • Ability to learn and operate in a dynamic environment.
  • Strong written communication skills.
  • Experience working with cyber security tools and software such as Splunk, Symantec End Point, TrendMicro Antivirus, McAfee Web Gateway, Checkpoint Firewalls, Bluecoat, Sourcefire, Active Directory, or relevant cyber security assets.
PREFFERED QUALIFICATIONS:
  • BA/BS or MA/MS in Engineering, Computer Science, Information Security, or Information Systems.
  • Certifications such as GCFA, GREM or OSCP/OSCE
  • Experience with scripting or programming languages such as Python, Bash or PowerShell.
  • Experience with IOC related tools (e.g., YARA, OpenIOC)
  • Experience with orchestration and automation tasks related to threat hunting and alert development.
  • Experience with noise reduction/tuning F+.
  • Threat hunter experience.
  • Reverse engineering, malware analysis.