Detection Engineer

Tanium

💵 $85k-$260k
📍 Remote - United States

Job highlights

Summary

Join Tanium as a Detection Engineer and contribute to the development and improvement of our internal cybersecurity detection program. Collaborate with various teams to enhance threat models and detection mechanisms, ensuring comprehensive coverage and quality. This role requires a balance of strategic thinking and hands-on execution, prioritizing and closing detection gaps. You will create and enhance detection mechanisms, ensuring alerts are properly transitioned to the security operations team. This remote position offers flexible working hours, with occasional work outside of normal business hours for incident response. The role involves continuous improvement efforts and collaboration with multiple teams to improve security operations.

Requirements

  • In accordance with Department of Defense requirements, applicants for this role must be a U.S. citizen, national, or resident pursuant to 8 U.S.C. 1101(a)(20) and 8 U.S.C. 1324b(a)(3)
  • 2+ years working in a Security Operations or equivalent role
  • 2+ years responding to threats in cloud environments (Azure and AWS preferred)
  • Working knowledge of common frameworks (MITRE ATT&CK)
  • Ability to use data to derive meaningful metrics to drive prioritization
  • Firm understanding of attacker tactics, techniques, and procedures and means of detection
  • Ability to synthesize risks and derive detection countermeasures
  • Proficiency with security tools and platforms (e.g., SIEMs, vulnerability scanners, and malware analyzers)
  • Familiarity with IDS/IPS systems and endpoint Antivirus and EDR products

Responsibilities

  • Drive a comprehensive security detection strategy applied consistently across the organization
  • Develop comprehensive reports and metrics on the efficacy and long-term tracking of detection coverage
  • Drive continuous development and tuning of detection measures
  • Partner with security teams and business units to define appropriate log visibility & detection related gaps
  • Lead continuous improvement efforts to evaluate detection capabilities & related tooling efficiency
  • Build innovative ways to detect potential threats within on-premises and cloud environments
  • Collaborate with operations personnel to prioritize and close detective gaps
  • Work with security architects and engineers to develop detective compensating controls based on threat models
  • Drive standardization and repeatable processes and procedures within operations as they pertain to responding to threats
  • Participate in the development and execution of threat hunting exercises
  • Develop, implement, document and maintain SIEM & Detection engineering tooling management controls, standard operating procedures, narratives and test scripts
  • Plan, run, and participate in table top exercises
  • Collaborate with engineering teams to develop automation to improve the efficiency of security operations
  • Provide incident response support
  • Leverage threat intelligence reporting to develop new detection capabilities
  • Analyze malware and exploit techniques in a lab environment

Preferred Qualifications

  • Malware analysis experience preferred
  • Working knowledge of Python or other scripting languages preferred

Benefits

  • This position is available for remote workers with flexible working hours
  • Medical, dental and vision plan
  • Family planning benefits
  • Health savings account
  • Flexible spending account
  • Transportation savings account
  • 401(k) retirement savings plan with company match
  • Life, accident and disability coverage
  • Business travel accident insurance
  • Employee assistance programs
  • Disability insurance
  • Other well-being benefits
  • Equity awards
  • 5 days set aside as volunteer time off (VTO)
