Job Search and Career Advice Platform

Detection Engineer

Sii tra i primi a mandare la candidatura.
Solo per membri registrati
Lazio
EUR 50.000 - 70.000
Sii tra i primi a mandare la candidatura.
Oggi
Descrizione del lavoro

Detection Engineer

About the Role

We are looking for a Senior Detection Engineer to join our international cybersecurity team. The person who joins will help build upon the current ATT&CK-based detection manual used by the Getronics Security Operations Center (SOC), and take it to the next level of maturity and capability. Additionally, they will support the day-to-day threat detection work of a team of analysts servicing a wide range of clients across various industries, including Getronics' private / hybrid cloud and internal IT services.

Key Responsibilities

  • Develop threat detection rules to identify modern attacker tactics and techniques, working closely with threat intelligence, incident response, security analysts, and infrastructure / security architecture teams.
  • Maintain and optimize the existing detection rulebase, applying lifecycle management and deprecating rules where needed.
  • Assess ATT&CK coverage to identify detection gaps and improvement opportunities.
  • Define and maintain effective detection metrics.
  • Support compliance-related use cases as required.
  • Create and maintain lists to support correlation rules.
  • Design dashboards for specific threat detection use cases and train analysts on their use.
  • Provide input into threat hunting activities through the development of efficient search queries.
  • Collaborate with business and IT teams to create detection strategies aligned with current and emerging business needs.
  • Analyze alert trends and propose improvements.
  • Support data collection improvements and maintain configuration management documentation.

Requirements

  • Minimum of 2 years' experience as a Cybersecurity Detection Analyst working with SIEM technologies (QRadar, Log Rhythm, Splunk, Elastic Security, Insight IDR, Alien Vault OSSIM, etc.).
  • Previous experience in other technical cybersecurity roles such as SOC Analyst, Threat Intelligence Analyst, or Pentester.
  • Hands–on experience implementing detection playbooks based on the MITRE ATT&CK framework.
  • Strong analytical and problem‑solving skills.
  • Solid understanding of the current threat landscape, including common attack vectors and best practices for protecting systems and networks.
  • Advanced knowledge or experience with at least two of the following technologies : Python, Reg Ex, Sigma, YARA.
  • Experience fine‑tuning correlation rules for optimal performance.
  • Strong communication skills with the ability to document clearly and summarize effectively.
  • Fluent English is mandatory due to international team collaboration.
  • Structured, goal‑oriented working style.