Remote Security Detection Engineer

This job is closed

This job post is closed and the position is probably filled. Please do not apply. Automatically closed by a robot after apply link was detected as broken.

Description:

  • Thrive is seeking a Security Detection Engineer to enhance its cybersecurity detection program.
  • This role involves developing alerting rules, hunts, queries, and reports, as well as implementing and refining SIEM & Detection tooling and procedures.
  • The engineer will analyze attacker tactics, techniques, and procedures (TTPs) to develop countermeasures and collaborate with the team to strengthen security controls.
  • Responsibilities include guiding the SOC team in improving threat detection, managing security gap analyses, and overseeing the Security Lab for testing attack methods.
  • The position also requires researching emerging threats to refine detection strategies and managing KPIs to track and enhance the effectiveness of threat detection efforts.

Requirements:

  • A Bachelor’s degree in Computer Science, Information Technology, or a related field is required.
  • Relevant certifications such as Security+, CySA+, or Network+ are necessary.
  • Candidates should have 3-5 years of experience in cybersecurity or a related field.
  • A firm understanding of attacker tactics, techniques, procedures, and means of detection is essential.
  • Solid knowledge of the MITRE ATT&CK and Cyber Kill Chain frameworks is required.
  • Understanding of common enterprise technologies and logging capabilities, including Cloud, IDS/IPS, Firewalls, Active Directory, Anti-Virus/EDR, Proxies, and Email Gateway is necessary.
  • The ability to engineer creative, scalable, and out-of-the-box solutions is important.
  • Candidates must stay updated with engineering best practices, security technology trends, tools, and frameworks.
  • Experience with scripting languages such as Python or PowerShell is required.
  • Knowledge of cloud security platforms like Azure, AWS, or GCP is necessary.
  • The ability to work effectively in a team environment and collaborate with team members and other stakeholders is essential.
  • Familiarity with common security technologies, such as firewalls, intrusion detection/prevention systems, and antivirus software is required.
  • A basic understanding of networking concepts and protocols (TCP/IP, DNS, HTTP) is necessary.
  • Strong problem-solving and analytical skills are essential.
  • Excellent communication and interpersonal skills are required.
  • The ability to work independently and as part of a team is necessary.
  • Candidates must be able to communicate security information to non-technical individuals.
  • Demonstrating comprehension of good security practices is essential.
  • Knowledge of risk assessment tools, technologies, and methods is required.

Benefits:

  • Thrive offers a dynamic work environment that encourages personal and professional growth.
  • Employees will have access to training and development opportunities to build a lucrative career.
  • The company promotes a "work hard, play hard" culture, fostering a balance between productivity and enjoyment.
  • Employees can expect to work with cutting-edge technology and innovative solutions in the cybersecurity field.
  • Thrive values a collaborative team atmosphere, providing support and guidance to enhance individual and team performance.