Talent.com
Threat Detection Engineer

CData Software • San Antonio, TX, United States
4 days ago
Job type
  • Full-time
Job description

Job Title

Threat Detection Engineer

Relevant Experience (in Yrs)

6+

Technical / Functional Skills

ELK stack, FireEye HX, Sysmon, Winlogbeat

Experience Required

6+

Roles & Responsibilities

Technical knowledge to write and develop rules for CIRT analysis; experience with ELK stack, FireEye HX, Sysmon, Winlogbeat, and CI/CD pipelines.

  • Deep understanding of cyber threat actor techniques and tools (such as malware and common attack types), including reconnaissance, scanning, exploitation, evasion, lateral movement, persistence, and exploits; proficient with MITRE ATT&CK
  • Deep understanding of security operations center processes, tools, and data for analysis and control mitigations; security event timeline analysis and baselining; experience analyzing logs and data to develop and implement custom detections that counter attacker techniques, known vulnerabilities, and evasion methods
  • Security architecture (network topology, firewalls, proxies, web content filtering, wireless, EDR, IDS, IPS, SIEM, SOAR, etc.)
  • Network data sources (full packet analysis, flow data, DNS logs, proxy logs, NIDS, etc.)
  • Knowledge and experience with common scripting languages and tools: Python, PowerShell, Bash, YAML
  • Deep knowledge of compound logical operations (AND, OR, NOT) and regular expressions
  • Experience extracting data from logs, SQL, and APIs
  • Knowledge and experience with tools used to build threat detections (ElastAlert, Logstash, Kibana (ELK), FireEye HX, Sysmon, Winlogbeat, Linux Auditd)
  • Deep understanding of and experience with operating systems (Windows, Mac, and Linux), including administration, configuration, registry, and processes
  • Experience in red team / blue team / incident responder interactions
  • Understanding of CI/CD pipelines
  • Experience with source control tools (Git)

Generic Managerial Skills

Good communication, team coordination, and status updates to customers

Education

B. Tech

Start date (dd-mmm-yy)

06-July-23

Duration of assignment (in Months)

3 to 6 Months

Work Location (State, City and Zip)

Remote, San Antonio, TX

Rates payable to vendor ($/hr)

$70

Key words to search in resume

Develop Use cases for Threats, Python, Bash scripting
