Blackpoint Cyber is hiring a
Junior Detection Engineer

Summary

The job is for a cybersecurity professional at Blackpoint Cyber, a leading provider of threat hunting, detection, and remediation technology. The role involves creating detection logic, tuning alerts, collaborating with the team, helping design visualizations, assisting the SOC team, reviewing and writing detections based on activity caught and mitigated by the SOC. Required qualifications include 2+ years of experience in an information security role, knowledge of data structures, algorithms, and analysis techniques, etc., and excellent communication skills. Preferred qualifications include a Bachelor’s Degree in Computer Science, proficiency using Power BI data visualization software, certifications like CRTO, eCPTX, etc., network/system administration experience, deep forensic knowledge of Windows, Mac OS and/or Linux, Red Teaming or Penetration Testing experience, Malware Analysis experience, etc.

Requirements

• Two (2+) years of experience in an information security role. Progressive relevant training and/or certification may be substituted for one (1) year of the experience requirement
• Experience working in a Security Operations Center (SOC), Threat Hunting, or Digital Forensics and Incident Response (DFIR), preferred
• One (1+) years of experience with system tuning and/or engineering
• Knowledge of data structures, algorithms, and analysis techniques
• Experience in testing adversary tactics, techniques, and procedures (TTPs) along with creating Yara or Sigma rules for detection of these TTPs
• Knowledge on assessing threat indicators in a Windows Environment (e.g. Malware/Malicious Anomalies/Abnormal network Activity/Root Level Compromise, Forensic Artifacts, etc.)
• Experience with Elasticsearch and Kibana query languages or similar
• Knowledge of attacker tools, including legitimate software abused for malicious purposes
• Familiarity with the relationships between parent and child processes, including their arguments and the ability to identify potential suspicious activities
• Ability to work shifts if required (night, weekends, and day)
• Ability to troubleshoot and debug issues relating to data indexing and data availability
• Excellent communication skills to effectively summarize and present findings and trends
• Ability to work independently with strong problem-solving skills
• Knowledge of code-signing certificates and how they can be utilized for malicious purposes

Responsibilities

• Creation of detection logic and rules for new and emerging threats
• Tune alerts to reduce false positives and ensure detection rules have no gaps in order to maximize the efficiency and accuracy of our best-in-class 24x7 Security Operation Center (SOC) environment
• Collaborate with the team to identify common patterns and trends in customer environments
• Help design and build visualizations for tracking observed trends in the SOC
• Utilize test lab environments to research emerging techniques and make contributions to the internal and external knowledge development of threat operations
• Assist the SOC team with responding to and mitigating active threats and attacks for our customers
• Review and write detections based on activity caught and mitigated by the SOC

Preferred Qualifications

• Bachelor’s Degree in Computer Science, Engineering, or related technical discipline
• Proficiency using Power BI data visualization software
• CRTO, eCPTX, or other relevant certifications
• Network/System Administration experience
• Deep forensic knowledge of Windows, Mac OS and/or Linux
• Red Teaming or Penetration Testing experience
• Malware Analysis (Behavioral and/or Static analysis- IDA, Cuckoo Sandbox, x86/x64 Debugging) Pentesting/Red/Blue Team

Benefits

• Health insurance
• Retirement benefits
• Paid time off
• Remote work, flexible hours
• Life and disability insurance
• Bonuses and incentives
• Professional development opportunities
• Wellness programs
• Family and parental leave