Hewlett Packard Enterprise
Discover HPE edge-to-cloud, enterprise compute IT, data, and security solutions. Learn how HPE empowers digital transformation through AI and sustainability.
Detection Engineer
This role has been designed as ‘Hybrid’ with an expectation that you will work on average 2-3 days per week from an HPE office.
Who We Are:
Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today’s complex world. Our culture thrives on finding new and better ways to accelerate what’s next. We know diverse backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE.
Job Description:
About our Cyber Security team:
Are you ready to make an impact at one of the world’s leading tech companies? HPE’s Cybersecurity team is where you can do just that! We’re looking for a dynamic and experienced Detection Engineer for our Galway team. If you’re passionate about shaping the future of cybersecurity and ready for your next challenge, we’d love to hear from you.
About you:
You are skilled at researching security technologies and assessing security controls, with advanced knowledge of scripting and automation tools like Python, PowerShell, and Ansible to improve security operations and incident response. Your strong analytical and problem-solving skills enable you to tackle complex security challenges and devise effective solutions. You possess excellent leadership abilities, allowing you to influence both technical and non-technical stakeholders at all levels. You have a proven track record in designing, implementing, and managing security architectures in large, complex environments, and can manage multiple high-impact projects simultaneously in fast-paced, high-pressure settings.
Key responsibilities of the role:
* You will leverage your deep technical expertise to develop and enforce security standards, manage advanced security tools, and respond to complex security incidents. You will also mentor junior engineers, lead strategic security initiatives, and contribute to the continuous improvement of the organization’s cybersecurity posture.
* Build advanced detection capabilities based upon research and analysis of threat actor methodology, threat intelligence, and adversarial technique frameworks (MITRE ATT&CK).
* Identify detection gaps in existing monitoring capabilities, by analyzing the threat landscape, past incidents and threat intelligence reports.
* Design and implement advanced threat-detection mechanisms, with a focus on behavioral analysis and anomaly detection.
* Expert-level proficiency in SIEM platforms (e.g., Splunk, QRadar), SOAR platforms (e.g., Phantom, Demisto), and Data Lake technologies, with specific experience developing SIEM correlation rules, alerts and dashboards.
* Advanced knowledge of scripting and automation (e.g., Python, PowerShell) to develop custom detection rules and automate security processes.
* Strong analytical and problem-solving skills, with the ability to translate complex data into actionable insights.
* Excellent communication and leadership skills, with the ability to influence stakeholders at all levels of the organization.
* Ability to manage multiple high-impact projects simultaneously, working effectively in a fast-paced, high-pressure environment.
* Network security controls (e.g., firewalls, proxy, IPS/IDS).
* Authentication and Authorization protocols.
* Attacker Methodologies and Post Exploit Operations.
* Active Directory/Azure AD.
* Security Operations and Threat Intelligence.
* Cloud Threat Detection use-case development (Azure/AWS/GCP).
* Familiarity with GitHub and agile development methodologies.
* Capability to write advanced regular expressions.
* Knowledge of, and experience with Risk-Based-Alerting (RBA) concepts.
* SOC incident response experience is a plus.
* Strong self-motivation and time management skills required.
* Excellent written and verbal communication skills required.
* You are well-versed in frameworks such as NIST 800-53, ISO 27001, and Zero Trust, and have a strong understanding of cloud security and Dev Sec Ops principles.
Education & Experience Requirements:
* Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field or equivalent experience.
* 8+ years of experience in cybersecurity, with a strong focus on security engineering, architecture, and operations.
* Proven experience with large-scale detection engineering initiatives and managing complex security environments.
* Certified Cloud Security Professional (CCSP), GIAC Security Expert (GSE), Offensive Security Certified Professional (OSCP), Certified Information Security Manager (CISM), or other advanced certifications relevant to cybersecurity engineering preferred certifications.
What We Can Offer You:
Health & Wellbeing
We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing.
Personal & Professional Development
We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have — whether you want to become a knowledge expert in your field or apply your skills to another division.
Diversity, Inclusion & Belonging
We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know diverse backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good.
#J-18808-Ljbffr