Cyber Security Detection Engineer

Edge Group

Abu Dhabi

On-site

AED 60,000 - 100,000

Full time

2 days ago
Job summary

An established industry player is on the lookout for a dedicated Cyber Security Detection Engineer to enhance its security posture. This exciting role involves designing and implementing security detection mechanisms, simulating threat actor tactics, and collaborating with intelligence teams to stay ahead of emerging threats. The ideal candidate will possess strong skills in Splunk and KQL, along with a solid understanding of threat actor behaviors. Join a dynamic team where your expertise will contribute to safeguarding the organization against evolving cyber threats. If you're passionate about cybersecurity and eager to make a difference, this opportunity is for you.

Qualifications

  • 5+ years of experience in security detection engineering.
  • Proficiency in Splunk and KQL for security detection.

Responsibilities

  • Design and maintain security detection mechanisms using Splunk.
  • Simulate threat actor techniques in a lab environment.

Skills

Splunk
KQL Query Writing
Threat Actor TTPs
Analytical Skills
Problem-Solving
Communication
Teamwork

Education

Relevant Certifications (OSCP, CPTS, PNPT, ePPT, ePTX)

Tools

Microsoft Sentinel

Job description

Job Title: Cyber Security Detection Engineer

We are seeking a skilled Cyber Security Detection Engineer to join our team. The ideal candidate will have a strong background in security detection engineering, with proficiency in Splunk and KQL query writing. This role requires a hands-on approach to simulating threat actor tactics, techniques, and procedures (TTPs) in a lab environment based on best practices and the latest threat intelligence research.

Key Accountabilities

  1. Design, implement, and maintain security detection mechanisms using Splunk and KQL.
  2. Simulate threat actor TTPs in a lab environment to validate detection capabilities.
  3. Collaborate with threat intelligence teams to stay updated on emerging threats and best practices.
  4. Develop and execute detection use cases to identify potential security incidents.
  5. Analyze security events and alerts to determine severity and potential impact.
  6. Provide recommendations for improving detection and response strategies.
  7. Assist in the administration of SIEM platforms, particularly Splunk and Microsoft Sentinel.

Requirements

  • At least 5 years of relevant experience.
  • Experience in a SOC environment (preferably).
  • Proficiency in Splunk and KQL query writing.
  • Strong understanding of threat actor TTPs and experience in simulating them in a controlled environment.
  • Offensive security knowledge is a plus, with relevant certifications such as OSCP, CPTS, PNPT, ePPT, or ePTX.
  • Experience with SIEM administration, particularly with Splunk and Sentinel.
  • Excellent analytical and problem-solving skills.
  • Strong communication and teamwork abilities.

If you are passionate about cybersecurity and have the skills to protect our organization from emerging threats, we encourage you to apply.
