Threat Detection & Response Engineer
Dana
- Maumee, OH
- Permanent
- Full-time
- Lead the development and implementation of advanced detection logic, leveraging SIEM and EDR tools, to effectively identify and respond to evolving cyber threats.
- Stay abreast of the latest security industry trends, emerging threats, and innovative mitigation techniques to continuously enhance our cybersecurity posture.
- Drive regular threat hunting initiatives and actively participate in purple team exercises to refine and mature our detection capabilities.
- Collaborate closely with key stakeholders to define, refine, and operationalize use cases within our SOAR platform, ensuring seamless orchestration and automation of security workflows.
- Forge strategic partnerships with vendors to explore and integrate cutting-edge technologies that align with our cybersecurity objectives and enhance our detection and response capabilities.
- Assist with the administration and optimization of our SIEM and SOAR systems, ensuring their effectiveness in detecting and responding to security incidents.
- Participate in the review of threat intelligence reports to assess their relevance to the organization and propose suitable actions.
- Contribute to the development and maintenance of comprehensive technical documentation and Standard Operating Procedures (SOPs) to ensure consistent and effective response procedures.
- Mentor and coach junior team members, fostering a culture of knowledge sharing and professional development within the cybersecurity operations team.
- Minimum 7 years' experience in Information Security, with a strong focus on threat detection and incident response.
- Bachelor's degree in Information Technology, Computer Science, or a related field is preferred, although equivalent work experience and industry certifications will be considered.
- Extensive experience in creating detection logic, SIEM rules, and custom detections within EDR tools, with proficiency in platforms such as CrowdStrike (EDR) and Elastic (SIEM) highly desirable.
- Demonstrated expertise in automating security processes using SOAR tools, with hands-on experience in platforms like Cortex XSOAR considered a significant advantage.
- Proficiency in scripting languages such as PowerShell and Python for integrating and customizing security tools and workflows.
- Passion for continuous improvement and a collaborative mindset, with a drive to share knowledge and contribute to the growth of the team.
- Excellent problem-solving skills and the ability to develop creative solutions to complex cybersecurity challenges.
- Relevant security certifications such as Security+, CISSP, or GIAC certifications are a strong plus, reflecting a commitment to professional development and expertise in the field.
- Value Others
- Inspire Innovation
- Grow Responsibly
- Win Together