Senior Security Engineer - Threat Detection
CPL
Limerick
Senior Security Engineer - Threat Detection. Description: The Security Advisor/Detection Engineer will maintain current threat management capabilities that support our clients 24/7 Cyber Security Operations Center. This position will be developing and maintaining threat detection content across multiple security platforms that are operationalized by the Cyber Security Operations Center. Responsibilities: • Develop SIEM and Security Use Case Logic (Detection Engineering) for security threat models. • Conduct threat hunting exercises using industry best practices. • Document standard practices for metrics collection and reporting. • Maintain and develop documentation for CSOC use cases. • Align work products to Mitre ATT&CK framework and apply detection opportunities driven by threat hunting and threat intelligence. • Development, testing, and management of CSOC use cases. • Creation of custom logic to detect unique or previously undetectable attacks on Anthem’s information assets. • Deliver recommendations to close identified security gaps. • Develop solutions to manage data in a cross-platform environment leveraging scripting and automation. • Maintain accurate records of signal and detection logic in EDR (Tanium), IDS (Extrahop), SIEM (Sumologic, XSoar, Splunk. Minimum Requirements: • Requires BS/BA in information Technology or related field of study and a minimum of 8 years experience in systems administration and security aspects of information systems, access management and network security technologies, network communications, computer networking, telecommunications, systems development and management, hardware, software, data, and people; experience with multiple technical and business disciplines required. • Requires broad-based experience to plan and design highly complex systems; or any combination of education and experience, which would provide an equivalent background. Preferred Qualifications: • Security Certifications: CISSP and other advanced technical security certifications (e.g. Information Systems Security Architecture Professional, Information Security Engineering Professional, Certification and Accreditation Professional, or equivalent certifications) strongly preferred. • Experience interacting with senior management, as a subject matter expert that may involve influencing and decision-making. • Mastery of Microsoft Office products, most notably MS PPT, Excel and analytic tools. • Proficient in change management strategies (communication plans. Enquiries and further information to david.bourke@cpl.ie | 087 2950180.
515 days ago