Strategic Staffing Solutions
Title: Cyber Threat Detection Engineer
Location: Houston, TX | San Ramon, CA
Duration: 24 Months
Industry: Energy – Oil & Gas
- The Content Management Analyst is expected to have previous cyber security domain knowledge (cyber threat landscape, an understanding of reconnaissance, malware, phishing, lateral movement, and exfiltration).
- Hands-on experience analyzing network and endpoint data, creating detection signatures for both network and endpoints, and applying data analytics to build signatures based on anomalous traffic.
- Splunk experience required.
- Minimum one year experience working with security log data (e.g. Windows Event logs, firewall logs, endpoint logs, authentication logs, etc.)
- Splunk Power User Certification required.
- Splunk Advanced Power User Certification recommended.
- Proven ability to write complex Splunk queries and to create and use Splunk knowledge objects (KO).
- Use of commands and KO such as stats, lookup, macro, calculated fields, data model, etc.
- Understanding of best practices for building optimized Splunk queries and dashboards.
- Working knowledge of regular expressions.
As a Threat Detection Engineer, you will:
- Develop cyber security threat content, which includes detection signatures across various cyber security platforms, risk-based analytic rules that prioritize threat alerting, threat detection analytics, and automation leveraging security orchestration, automation and response (SOAR).
- Create advanced detection capabilities to prevent pending cyber threats targeting our client.
Job ID: JOB-231171
Publish Date: 18 Sep 2023