Threat Detection Researcher

Summary

Join Deepwatch's team of cybersecurity professionals as a Threat Detection Researcher. You will contribute to the development, improvement, and validation of cybersecurity detection strategies. Responsibilities include researching new threats, creating and tuning detections, and ensuring effective coverage. This role requires experience with SIEM tools, EDR platforms, and various security frameworks. Deepwatch offers competitive compensation, including stock options and a comprehensive benefits package.

Requirements

• Experience with Google SecOps / Yara-L
• Cybersecurity experience in a technical role or experience working in a SOC/MDR/MSSP
• Ability to engineer creative, scalable, and out-of-the-box solutions
• Stay up to date with cybersecurity best practices, security technology trends, tools, and frameworks
• Experience working with and creating detections for SIEM tools and/or EDR platforms
• Understanding of common enterprise technologies and logging capabilities including Cloud, IDS/IPS, Firewalls, Active Directory, Anti-Virus/EDR, Proxies, and Email Gateway
• Understanding of various attack frameworks such as MITRE ATT&CK and general adversarial / defensive security techniques (e.g. the Cyber Kill Chain, and NIST)
• Ability to communicate and document technical information effectively towards various audiences
• Experience working with version control systems to facilitate documentation of detection signatures
• Understanding of Threat Actors and their corresponding TTPs
• Ability to translate forensic and threat intelligence reports into detection capabilities
• Experience working with lab environments and simulation tools to test detection efficacy
• Understanding of sigma/yara as a detection framework
• Be interested in and able to work remotely from a home office when not at a corporate office
• Pass a pre-employment background and drug screen in accordance with applicable laws

Responsibilities

• Evaluate current monitoring and detection capabilities to identify areas for improvement
• Manage detection capabilities to ensure appropriate coverage, effective operation, and adherence to deepwatch standards
• Detection Research
• Detection Creation
• Detection Tuning
• Assist in the development of Deepwatch’s detection strategy, researching new threats, technologies and developing new detections
• Research and assist in the design of risk based detection mechanisms

Benefits

• Medical, dental, vision, and disability insurance
• Flexible Time Off (FTO), 9 company holidays, sick leave and 8-Weeks Paid Parental Leave
• Unique professional development benefits, starting at $3,000 annually
• Wellness contests and monthly educational programs
• 401(K) retirement program with employer match