Cybersecurity Detection Engineer, Remote - Washington, United States - Maania Consultancy Services

Description

Job Description

• A minimum of 3 years of experience working in detection engineering, threat hunting, security operations, or incident response using Splunk Enterprise Security or Microsoft Sentinel
• Experience with the processes to add/update/delete detection rules in Splunk Enterprise Security and Microsoft Sentinel.
• Proficient in detection engineering methodologies including SNORT and YARA rules.
• Proficient in Python programming, Bash, and PowerShell.
• Proficient in Splunk's Search Processing Language, React, Kusto Query Language, and the Common Information Model (CIM)
• Knowledgeable and experienced in leveraging cybersecurity threat intelligence, indicators of compromise, STIX/TAXII data feeds, MITRE ATT&CK, and SIEM integrations.
• Strong experience in networking principles, operating systems (Linux / Windows), and security tools such as IDS/IPS, firewalls, proxy servers and Endpoint Detection and Response (EDR).
• Knowledge of Windows Sysinternal Suite (including Sysmon) Unix audited, and how to tune configuration files for identification of malicious activity.

• Splunk Enterprise Security Certified Admin credential or have passed the AZ-500 Microsoft Azure Security Technologies exam.