Company hidden
2 days ago

Purple Operations Engineer (Cybersecurity)

Work format
remote (Europe only)
Employment type
full-time
English
B2
Vacancy from Hirify Global, a list of international tech companies

Job description

TL;DR

Purple Operations Engineer (Cybersecurity): Strengthening detection and response capabilities by tuning EDR, SIEM, and security monitoring platforms with an emphasis on alert quality and noise reduction. Focus on converting threats and attack simulations into tuned alerts, correlation rules, and defensive checks.

Location: Must be based in the EMEA region

Company

hirify.global is a remote-first company in pursuit of sustainability.

What you will do

  • Tune EDR, SIEM, and XDR detections to minimize false positives and improve alert quality.
  • Develop and maintain detection rules, correlation searches, dashboards, and response workflows.
  • Translate findings from Red Team, Purple Team, and Threat Intelligence into repeatable defensive checks.
  • Validate EDR policies, prevention rules, logging, and sensor health.
  • Map detections to the MITRE ATT&CK framework and write portable content using Sigma.
  • Track detection gaps, alert health, and platform performance.

Requirements

  • Experience tuning EDR, SIEM, XDR, or SOC monitoring platforms.
  • Strong understanding of endpoint, identity, cloud, network, and web attack behaviors.
  • Proficiency in writing detection logic using KQL, SPL, EQL, Lucene, Sigma, or YARA.
  • Practical experience with MITRE ATT&CK mapping and detection coverage analysis.
  • Strong scripting skills in Python, PowerShell, or Bash.
  • Must be located in the EMEA region.

Culture & Benefits

  • Remote-first work environment with flexibility (core hours 10am-3pm local time).
  • Competitive salary with quarterly performance-based bonuses.
  • 28 days of paid annual leave.
  • Annual company retreats for internal networking.
  • Top-of-the-line equipment provided.

Hiring process

  • Remote video screening with Talent Acquisition.
  • Online technical assessment via Hackerrank.
  • Remote video interview with team members.
  • Final discussion with the hiring manager.

Be careful: if an employer asks you to log in to their system using iCloud/Google, send a code or password, or run code or software, do not do it. These are scammers. Be sure to click "Report" or write to support.