Cyber Security Detection Engineer

Responsibilities

• Manage, maintain, and tune the SIEM infrastructure to ensure high-performance log ingestion, processing, and query speeds.
• Lead the automation strategy by authoring comprehensive runbooks and developing custom scripts. 
• Design, implement, and continuously fine-tune high-fidelity detection rules. 
• Partner with stakeholders and cross-functional teams (Engineering, Product, SRE, IT, Legal) to adapt in a dynamic security landscape.
• Evaluate and implement emerging security technologies and methodologies to continuously enhance our security posture and operational efficiency.
• Ensure compliance with security standards and regulations (e.g ISO27001, PCIDSS) Support audits and security assessments by ensuring controls are properly implemented and evidenced.

Expected Qualifications

• 3+ years of experience in security.
• Manage and optimize the performance of SIEM platform to ensure effective security monitoring, incident detection, and response.
• Author comprehensive runbooks, write automation scripts, and build SOAR (Security Orchestration, Automation, and Response) capabilities to reduce manual intervention and improve response times.
• Design, implement, and fine-tune advanced detection mechanisms to proactively identify potential security threats and vulnerabilities.
• Utilize MITRE ATT&CK, Cyber Kill Chain, and other frameworks for threat modeling, detection strategy, and incident response.
• Hands-on familiarity with cloud security, Kubernetes, and modern CI/CD environments.
• Support ongoing security compliance, audit, and certification programs.
• Experience with Unix/Linux environments.
• Excellent analytical and problem-solving skills.
• Strong written and verbal communication skills in English.
• Certifications such as CISSP, GCIH, GCFA, CEH, or GCDA are preferred.