WHAT YOU’LL DO:

📍Help lead the overall detection and response strategy 📍Continually improve our ability to monitor for anomalies and detect malicious activity 📍Analyze applications and systems to identify relevant data sources for threat detections 📍Tune and test detection logic to reduce false positives and noise 📍Work with technology vendors to optimize security services for peak effectiveness 📍Research and collaborate internally and externally on open-source solutions 📍Automate response processes with SOAR and related technologies 📍Act in a purple team capacity to ensure effectiveness of security systems and controls 📍Participate in cross-functional security functions to help drive continual program improvements

WHAT YOU'LL BRING:

📍5+ years of experience working within a security operations environment 📍At least year of experience in writing detections, SIEM rules, or EDR 📍Significant experience with standard incident response processes 📍Expertise in a broad range of information technologies, such as public cloud infrastructure (AWS,GCP), authentication systems, vulnerability management solutions, network infrastructure, etc. 📍Someone that has contributed to the development of detection and alerting pipelines 📍Experience in dissecting attacker methodologies and techniques 📍Comprehensive understanding of product and infrastructure logs from a security perspective 📍Experience building and delivering projects from start to finish 📍Knowledge of a broad range of attacker tactics, techniques, and procedures (TTP’s) 📍Above all, a team player that can handle challenging situations, a rapidly maturing security culture, and an eagerness to mentor less experienced engineers