Detection & Response Engineer

Skills

• Cybersecurity principles
• Scripting (Python, Rust)
• Incident response
• SIEM platforms
• Cloud environments (AWS, GCP, Azure)
• Network protocols
• Analytical skills
• Communication skills

Responsibilities

• Monitor and analyze security alerts and logs to identify potential threats and anomalies
• Develop, implement, and maintain detection rules and correlation logic in our SIEM platform
• Conduct thorough investigations of security incidents, performing root cause analysis and impact assessments
• Lead incident response efforts, coordinating with relevant teams to contain and mitigate threats
• Create and maintain incident response playbooks and runbooks
• Perform regular threat hunting activities to proactively identify potential security risks
• Develop and refine metrics and reporting to track the effectiveness of detection and response capabilities
• Collaborate with other security teams to improve overall security posture and incident handling processes
• Stay current with emerging threats, attack techniques, and defensive strategies

Education

• Bachelor's degree in Computer Science, Cybersecurity, or related field

Benefits