Jobs in InfoSec | infosec
@infosec_work
11.11.2025 19:02
Detection Engineer (4th Shift).

Location:
Remote (USA).
Salary: Competitive.
Employer: Zscaler.

Responsibilities:
• Using Red Canary’s detection platform to analyze EDR telemetry, alerts, and log sources across several detection domains (Endpoint, Identity, SIEM, Cloud/SaaS, etc.);
• Publishing threats for customers using concisely-written communication while effectively conveying key and important indicators;
• Researching coverage opportunities, then creating new detectors and tuning existing ones;
• Improving the Detection Engineering workflow through orchestration & automation;
• Providing mentorship to your peers and communicating effectively with others for efficient cross-team collaboration.

Requirements:
• Analysis experience and proficiency in Endpoint (MDR) and one or more of the following functional areas: Cloud/SaaS, Identity, Email or SIEM;
• Proven experience with automation and orchestration to effectively handle an extreme volume of telemetry and logs in a timely and efficient manner;
• Strong analytical thought-process and critical thinking skills to translate disparate activity into the realm of threat analysis;
• Experience using query languages and understanding syntax across EDR or other security platforms (SQL, K, Lucene, etc.);
• Experience creating and tuning detectors/rules using commonly known tools such as YARA, SIGMA, Snort, Splunk, Elastic, etc.;
• Ability to work from Wednesday - Saturday from 5pm MST - 3am MST.

Apply.

#Remote #InfoSec