The ELK Analytics team is looking for an experienced threat detection engineer to join our team. This engineer will use their subject matter expertise to support SOC operations by continuously evaluating and improving the ELK Analytics detection capabilities.
- Develop and expand ELK Analytics threat detection capabilities
- Conduct research into emerging threats and produce reports outlining their scope and impact
- Produce actionable intelligence in the form of detections deployed to customer environments
- Evaluate and tune current detections to optimize alert generation
- Assist SOC team members with significant incident investigations
- 3+ years of industry experience
- Expertise in security event monitoring, analysis, and triage
- 1+ years of programming experience, preferably in Python
- Strong background in at least two of the following: incident response, SOC monitoring, threat detection, security engineering, and digital forensics
- The ability to synthesize threat intelligence into actionable signatures within a detection engine
- Comprehensive understanding of the Elastic ELK stack
- Professional experience in writing threat intelligence reports on emerging threats
- Malware analysis