Cyber Security Detection Engineer - 100% remote
Optomi, in partnership with one of the world's largest retail companies, is looking to add a Cyber Detection Engineer to their Threat Defense Operations team! The Cyber Threat Detection Engineer will help evolve the company's cybersecurity efforts and threat detection initiatives. This role entails being a member of a specialized team focused on developing and enhancing threat detection capabilities using SIEM and EDR/XDR tools.
The ideal candidate will have a proven track record of contributing to security projects, developing use cases, implementing and maintaining threat detection solutions, and staying ahead of emerging cyber threats.
This position is 100% remote, but for tax purposes the candidate must reside in certain states. The candidate must sit in (or be open to relocating to) IL, MA, NC, SC, PA, CT, MD, NJ, NY or ME, or be willing to relocate within the first 6 months in order to convert to full-time.
Key Responsibilities:
- Develop and implement advanced threat detection use cases and optimize SIEM solutions for on-premises and cloud environments.
- Develop a use case framework mapped to MITRE ATT&CK and relevant data sources.
- Enhance SIEM and XDR tools for effective real-time threat identification and response.
- Fine-tune use case content, address false positives, and collaborate with the ACE team on onboarding new log sources or exploring new features in the existing toolsets.
- Collaborate with teams to integrate threat detection solutions into existing systems and workflows.
- Work with the threat intel team to regularly assess and adapt to evolving threats.
- Maintain comprehensive documentation and stay updated on industry trends to continuously improve threat detection capabilities.
- Embrace and promote a culture of continuous learning and professional development.
- The position may involve occasional on-call duties and work outside regular business hours to address urgent security issues.
Required Skills and Qualifications:
- 3-5+ years of experience in cybersecurity, with a focus on SIEM technologies, analytics, and data science.
- Proficiency in SIEM platforms (Azure Sentinel) and experience with data integration and normalization techniques.
- Proficient in EDR/XDR tooling and threat detection methodologies.
- Relevant certifications such as CISSP, CISM, GIAC, or similar are highly desirable.
- Effective communication skills for documenting processes and collaborating with team members.