Remote Manager, Detection and Response Engineering

Summary

Join Expel as a Senior Detection Engineer to lead the team that creates alerts for SOC analysts, enabling them to make informed decisions quickly. You'll improve and maintain detection and response strategy, grow a team of skilled engineers, and develop new approaches to detection and response.

Requirements

• Expertise in writing efficient and effective detections for EDRs, ideally at an MDR,a service provider, or as part of a security product’s research team
• Deep understanding of attacker behavior, mapping that behavior to MITRE ATT&CK, building coverage around that behavior, and measuring that coverage at scale
• Experience using response automation to improve detection efficacy
• Familiarity with a range of detection and response tools including but not limited to EDR, NSM, EUBA, SIEM, and cloud detection and response products
• Proficient in Python or Golang programming languages
• Understanding of various operating systems and cloud service platforms
• The ability to analyze event and systems logs, perform forensic analysis, analyze malware, and other incident response related data, as needed
• Knowledge of attack surfaces and corresponding attacker tactics, techniques and procedures
• Comfortable with enterprise security architecture, detection, and response
• Ability to identify relevant data sources, normalize them across toolsets, and work with detection engines to drive effective correlation, automation and orchestration
• Education and Experience: Extensive experience in threat detection and incident response within the context of a managed service, incident response consulting organization, or for a security product’s research team
• Experience mentoring or managing security analysts, researchers, engineers, or data scientists
• Bachelor’s degree or compelling story
• 5+ years of related professional experience

Responsibilities

• Improve and maintain the detection and response strategy of Expel's Workbench platform in order to meet the scale of our growing customer base
• Grow a team of skilled detection engineers with deep EDR detection writing experience
• Lead your team to grow a sustainable model for continuously adding content to Expel's product
• Maintain and evolve a detection and response strategy that meets the needs of all of our customers, in terms of both coverage and efficiency
• Consistently develop and maintain a deep understanding of adversary behavior, tools, and techniques to drive forward new approaches to detection and response
• Continuously provide feedback and coaching to inspire a high-performing team of detection and response engineers
• Collaborate with sister teams, UX, product management, and senior leadership
• Shape how the security industry thinks about detection and response at scale by creating new and novel approaches for SOC analysts investigating and responding to alerts in a queue

Benefits

25 days annual leave in addition to public holidays, parental leave, and excellent health benefits are some of the ways we care for our Expletives