Detection Engineer
About the Role
We are looking for a Senior Detection Engineer to join our international cybersecurity team. The person who joins will help build upon the current ATT&CK-based detection manual used by the Getronics Security Operations Center (SOC), and take it to the next level of maturity and capability. Additionally, they will support the day-to-day threat detection work of a team of analysts servicing a wide range of clients across various industries, including Getronics' private / hybrid cloud and internal IT services.
Key Responsibilities

Develop threat detection rules to identify modern attacker tactics and techniques, working closely with threat intelligence, incident response, security analysts, and infrastructure / security architecture teams.
Maintain and optimize the existing detection rulebase, applying lifecycle management and deprecating rules where needed.
Assess ATT&CK coverage to identify detection gaps and improvement opportunities.
Define and maintain effective detection metrics.
Support compliance-related use cases as required.
Create and maintain lists to support correlation rules.
Design dashboards for specific threat detection use cases and train analysts on their use.
Provide input into threat hunting activities through the development of efficient search queries.
Collaborate with business and IT teams to create detection strategies aligned with current and emerging business needs.
Analyze alert trends and propose improvements.
Support data collection improvements and maintain configuration management documentation.

Requirements

Minimum of 2 years' experience as a Cybersecurity Detection Analyst working with SIEM technologies (QRadar, Log Rhythm, Splunk, Elastic Security, Insight IDR, Alien Vault OSSIM, etc.).
Previous experience in other technical cybersecurity roles such as SOC Analyst, Threat Intelligence Analyst, or Pentester.
Hands–on experience implementing detection playbooks based on the MITRE ATT&CK framework.
Strong analytical and problem‑solving skills.
Solid understanding of the current threat landscape, including common attack vectors and best practices for protecting systems and networks.
Advanced knowledge or experience with at least two of the following technologies : Python, Reg Ex, Sigma, YARA.
Experience fine‑tuning correlation rules for optimal performance.
Strong communication skills with the ability to document clearly and summarize effectively.
Fluent English is mandatory due to international team collaboration.
Structured, goal‑oriented working style.

#J-18808-Ljbffr