Detection Engineer

Phoenix, Arizona
Fusion HCR is hiring a Detection Engineer for a direct-hire opportunity with a leader in the managed security space, located in the Atlanta or Phoenix area.

Role Summary:
As a member of the Managed Security team, the MSS Detection Engineer holds a key position in the Cyber Fusion Center.

Responsibilities:
  • Conduct security investigations, analyze security incidents, and implement detection improvements using SIEM, endpoint detection and response (EDR), NGFW, and other security tools.
  • Implement and manage SIEM rules and detections
  • Manage Endpoint Detection and Response capabilities
  • Develop and configure security systems for continuous security monitoring
  • Develop security-focused content for SIEM, including creation of complex threat detection logic and operational dashboards
  • Automate detection and response using cloud native tools, as well as third-party and custom solutions
  • Integrate security systems with threat intel and threat hunting tools and solutions
  • Build custom LogRhythm parsers
  • Develop custom applications and scripts to automate intelligence gathering and IR workflows
  • Evaluate, investigate, and modify security alert rules and policies to minimize the number of false positives in the environment
  • Investigate security alerts, logs, and raw network data to evaluate legitimate security concerns
  • Troubleshoot and resolve performance and configuration issues

Preferred Skills / Experience Requirements:
  • Expertise in SIEM technologies such as LogRhythm
  • Experience with Palo Alto NGFW and Cisco FW a plus
  • Ability to prioritize and successfully deliver across a portfolio of projects without direction
  • Experience documenting security runbooks, standards, guidelines, and best practices
  • Understanding of threat intelligence and cyber threat actor tradecraft
  • Ability to handle multiple engagements in parallel and at different stages of implementation and operations
  • Excellent communication and interpersonal skills
  • Strong experience with operating systems such as Windows, Unix/Linux, and MacOS

A Plus:
  • LogRhythm LRSA, LRSE, LPA certifications
  • Proficiency in programming and scripting languages such as Python, JavaScript, BASH, C++, REST APIs, JSON, and XML
  • Industry certifications such as CEH, Certified Intrusion Analyst, CySA+
  • Understanding the best practices, control frameworks, and applicable existing and new legal/regulatory requirements (e.g., SEC Regulation S-P, FINRA cybersecurity recommendations, data privacy and breach notification laws, ISO 27001, NIST CSF and SP 800-53, CIS, CSA CCM, and PCI DSS)
  • Experience with other security solutions, such as EDR, SASE, firewalls, DLP, NAC, IDS/IPS, and vulnerability assessment tools
  • Knowledge of security frameworks and standards, including MITRE ATT&CK, OWASP, and NIST
