Detection Engineer Lead Qatar

Posted: 16 November 2023
Salary: 96600
Location: Qatar
Job type: Permanent
Discipline: Cyber Defence
Reference: 34487
Contact Name: Sabri Babouri

Job description


Detection Engineer

Our client, a prominent system integrator in Qatar, is at the forefront of providing crucial Detection and Response services. These services play a pivotal role in bolstering the security of customers at the national level, with a focus on Critical Sector Organizations dedicated to supporting the Critical National Infrastructure.

We are actively looking for exceptional individuals who possess the drive and passion to join our client's team. As part of this dynamic environment, you will contribute to the ongoing efforts to enhance effectiveness and efficiency in responding to threats. This includes tasks such as creating, tuning, and testing detections for various security tools and platforms.

Required Skills:

  • Understand prevailing threats and how to mitigate them with EDR and SIEM.

  • Experience writing detections for EDR and SIEM technologies.

  • Experience writing Regex.

  • Familiarity with the MITRE ATT&CK framework and the Cyber Kill Chain.

  • Understand security principles and practices.

  • Proven capability to learn and deliver to a high standard within deadlines.

  • Strong organizational skills and an ability to prioritize tasks from multiple stakeholders.

  • Ability to relay complex technical subject matters to non-technical stakeholders.

  • Demonstrable analytical and technical aptitude with a focus on identifying and alleviating the root cause of a problem.

  • Proven ability to thrive and respond to frequent demands of multiple constituents, both internal and external, in a high-demand, customer-centric environment.

Educational Qualifications:

  • Relevant bachelor's degree.

  • Additionally, one or more relevant industry certifications.

Desirable:

  • Experience working as part of an MSSP or MDR provider.

  • Familiarity and experience with multiple SIEM and EDR solutions, and detector formats.

  • Experience with Elastic SIEM, Elastic Security Agent and ElastAlert detectors.

  • GCDA Certification or equivalent.

Roles and Responsibilities:

  • Develop, test and tune both detections and parsers for various tools and technologies.

  • Develop detectors in Sigma and maintain a library in a version control system.

  • Maintain awareness of the current threat landscape, including adversary tactics, techniques, and procedures.

  • Engage colleagues to validate detections, identify gaps in coverage, and test detection capabilities by simulating attacks in a lab environment.

  • Perform continuous improvement and validation to ensure accuracy and efficiency and enable comprehensive coverage based on industry standards (MITRE ATT&CK and Lockheed Martin's Cyber Kill Chain).

  • Handle requests for new detectors, determine the security value of those requests and clearly explain your decision to stakeholders.

  • Provide subject matter expertise for event logging and event detection, and recommend configurations to customers.

  • Work with colleagues and customers to reduce false positives and improve the computational efficiency of rules and use cases.

  • Understand and master data sources across a variety of categories including Windows, Linux, Active Directory, Privileged Access Management, Intrusion Detection/Prevention, Firewalls, Anti-Virus, Endpoint Detection & Response, Cloud Access Security Broking, Network Access Control, Application Control and Productivity Apps.

  • Collaborate with key stakeholders across the SOC, Threat Intelligence, Offensive Security, Engineering, Project, Product and Sales Teams.

  • Enable process automation through the development of high-confidence detections.

  • Document designs and processes and maintain a use case library with version control.

  • Develop resources such as dashboards, heat maps and other representations to demonstrate detection coverage and gaps.

  • Assist with designing and documenting work processes for detector development, testing, deployment, and management.

  • Support threat hunting practices, identify data sources to surface attacks and incorporate findings into security controls.

  • Responsible for mentoring and training of Junior Analysts and Engineers.

  • Perform other duties as assigned.

Benefits:

  • Competitive Tax-free Salary

  • Visa and sponsorship

  • Onsite

  • Flight ticket

  • Medical insurance

  • 20 days' paid annual leave