- A minimum of 3 years of experience working in detection engineering, threat hunting, security operations, or incident response using Splunk Enterprise Security or Microsoft Sentinel.
- Experience with the processes to add, update, and delete detection rules in Splunk Enterprise Security and Microsoft Sentinel.
- Proficient in detection engineering methodologies, including Snort and YARA rules.
- Proficient in Python, Bash, and PowerShell.
- Proficient in Splunk's Search Processing Language (SPL), React, Kusto Query Language (KQL), and the Common Information Model (CIM).
- Knowledgeable and experienced in leveraging cyber threat intelligence, indicators of compromise, STIX/TAXII data feeds, MITRE ATT&CK, and SIEM integrations.
- Strong experience with networking principles, operating systems (Linux / Windows), and security tools such as IDS/IPS, firewalls, proxy servers, and Endpoint Detection and Response (EDR).
- Knowledge of the Windows Sysinternals Suite (including Sysmon) and Unix auditd, and how to tune their configuration files to identify malicious activity.
- Splunk Enterprise Security Certified Admin credential, or a passing score on the AZ-500 Microsoft Azure Security Technologies exam.
Cybersecurity Detection Engineer, Remote - Washington, United States - Maania Consultancy Services
Maania Consultancy Services
Washington, United States
Job Description
Job title: Cybersecurity Detection Engineer
Position: Full time
Location: 100% Remote / Washington, DC
Qualifications:
At least one of the following certifications: