IT Security Engineer
What will you do:
You will be involved in the full cycle of designing, building, fine-tuning and improving security detection and response capabilities in a large cyber defense SOC environment, with a focus on SIEM content. You will use data analytics, define and implement new tooling, and collaborate with stakeholders to improve response actions.
And also:
- Transform data into informative Security alerts
- Analyse threat actors’ techniques and develop resilient detection content
- Participate in purple teaming exercises and improve existing detection
- Develop machine learning models that detect behavioural patterns to drive security detection.
- Develop playbooks to automate response actions.
Skills:
- Experience in creating threat detection use cases/models
- Strong defensive mindset with a good understanding of threat actors' TTPs and how to defend against them.
- Experience in working with Microsoft security products
- Experience with programming (preferably Python, REST API), automation or machine learning
- Strong skills in query languages like SPL, KQL
- Strong (interpersonal) communication skills in English, both written and spoken.
- Willing to work from the office at least 1 day a week
- Experience with Azure Sentinel and Microsoft Defender.
- Security certifications such as OSCP, GPEN, GCFA, GMON, GCDA are preferred.