Назад
Company hidden
1 день назад

Detection Engineer (Cybersecurity)

Формат работы
onsite
Тип работы
fulltime
Грейд
middle
Английский
b2
Страна
US
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Detection Engineer (Cybersecurity): Developing and optimizing detection content for EDR and ITDR platforms with an accent on custom rule creation and telemetry analysis. Focus on mapping detections to the MITRE ATT&CK framework, researching attacker techniques, and reducing false positives to improve product coverage.

Location: Must be based in Orlando, FL (In-office position)

Company

hirify.global is a leader in endpoint protection technologies, providing enterprise-level cybersecurity tools like Application Allowlisting and Ringfencing to secure servers and endpoints.

What you will do

  • Develop, test, and maintain detection content for Endpoint and Identity Threat Detection platforms.
  • Create and maintain custom Sigma, YARA, and Snort detection rules.
  • Map detections to the MITRE ATT&CK Framework and continuously improve coverage.
  • Analyze Windows telemetry and forensic artifacts to identify detection opportunities.
  • Research attacker techniques, including persistence, privilege escalation, and defense evasion.
  • Validate detection logic through threat hunting, malware analysis, and adversary emulation.

Requirements

  • 3+ years of experience in Information Security.
  • 2+ years of experience with EDR or ITDR technologies within an enterprise environment.
  • Proficiency in creating custom Sigma, YARA, and Snort detection rules.
  • Strong knowledge of Windows operating systems and forensic artifacts.
  • Deep understanding of the MITRE ATT&CK Framework and its practical application.
  • Must be based in Orlando, FL; this is an in-office position.

Nice to have

  • Relevant certifications such as OSCP, GCFA, GCIH, GCIA, GCDA, GCTD, or GISP.

Culture & Benefits

  • Opportunity to work with cutting-edge endpoint protection and identity security tools.
  • Collaborative environment working closely with Threat Analysts and Security Researchers.
  • Exposure to emerging threats, attack techniques, and industry best practices.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →