Detection Engineer
Make an impact on the Cybersecurity team at HPE, a leading tech company. We're seeking an experienced Detection Engineer for our Galway team.
About You:
* You have advanced knowledge of scripting and automation tools like Python, PowerShell, and Ansible to improve security operations and incident response.
* Your strong analytical and problem-solving skills enable you to tackle complex security challenges and devise effective solutions.
* You possess excellent leadership abilities, allowing you to influence both technical and non-technical stakeholders at all levels.
Key Responsibilities:
1. Leverage your deep technical expertise to develop and enforce security standards, manage advanced security tools, and respond to complex security incidents.
2. Mentor junior engineers, lead strategic security initiatives, and contribute to the continuous improvement of the organization's cybersecurity posture.
3. Build advanced detection capabilities based upon research and analysis of threat actor methodology, threat intelligence, and adversarial technique frameworks (MITRE ATT&CK).
4. Identify detection gaps in existing monitoring capabilities by analysing the threat landscape, past incidents and threat intelligence reports.
5. Design and implement advanced threat-detection mechanisms, with a focus on behavioural analysis and anomaly detection.
6. Maintain expert-level proficiency in SIEM platforms (e.g., Splunk, QRadar), SOAR platforms (e.g., Phantom, Demisto), and Data Lake technologies.
7. Utilize advanced knowledge of scripting and automation (e.g., Python, PowerShell) to develop custom detection rules and automate security processes.
8. Translate complex data into actionable insights using strong analytical and problem-solving skills.
9. Communicate effectively and lead with the ability to influence stakeholders at all levels of the organization.
10. Manage multiple high-impact projects simultaneously, working effectively in a fast-paced, high-pressure environment.
11. Implement network security controls (e.g., firewalls, proxy, IPS/IDS) and authentication and authorization protocols.
12. Understand attacker methodologies and post-exploit operations, including Active Directory/Azure AD and security operations.
13. Develop cloud threat detection use-cases (Azure/AWS/GCP) and demonstrate familiarity with GitHub and agile development methodologies.
14. Write advanced regular expressions and possess knowledge of Risk-Based Alerting (RBA) concepts.
15. Bring SOC incident response experience (a plus).
16. Exhibit strong self-motivation and time management skills.
17. Demonstrate excellent written and verbal communication skills.
18. Be well-versed in frameworks such as NIST 800-53, ISO 27001, and Zero Trust, with a strong understanding of cloud security and DevSecOps principles.
Education & Experience Requirements:
* Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field or equivalent experience.
* 8+ years of experience in cybersecurity, with a strong focus on security engineering, architecture, and operations.
* Proven experience with large-scale detection engineering initiatives and managing complex security environments.
* Certified Cloud Security Professional (CCSP), GIAC Security Expert (GSE), Offensive Security Certified Professional (OSCP), Certified Information Security Manager (CISM), or other advanced certifications relevant to cybersecurity engineering preferred.
What We Can Offer You:
* Health & Wellbeing: We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing.
* Personal & Professional Development: We invest in your career because the better you are, the better we all are.
* Diversity, Inclusion & Belonging: We are unconditionally inclusive in the way we work and celebrate individual uniqueness.
Estimated Salary: $120,000 - $180,000 per year.