Detection Engineer
Description:
Our Detection Engineering Team provides detection capabilities for our various security products used in our 24/7 managed monitoring service. This role will be to join our expanding detection engineering team where you will focus on one of our detection capabilities: Network Detection and Response. You will work together with our Threat Intelligence team and Security Research team and use your own creativity to write and maintain detection logic for our customers. Previous experience with detection engineering is not a hard pre-requisite. We're looking for a wide range of backgrounds for potential candidates, the exact responsibilities of any candidate will be tailored given their experience and skillset.
You will:
- Develop new signatures for Suricata;
- Develop rules for our Machine Learning solution;
- Contribute to research into latest threats and/or detection opportunities in new technologies;
- Review findings of TI, CERT, and Red Team activities and evaluate from a detection engineering improvement perspective;
- Providing guidance and support to the rest of Fox-IT and NCC Group regarding detection development, and the continuous improvement of the MDR (Managed Detection and Response) landscape in terms of detection engineering.
Fox-IT
We are Fox-IT, or Fox. We stand for making the world safer and more secure. That means every one of us contributes in making society safer and more secure with the help of our technical and innovative solutions. From our Red Team of hackers, our Blue Team of defense specialists, highly skilled developers to trusted security consultants and more: We do this for organizations where cyber security is highly important. That is why we continuously develop our individual skills and knowledge.
We are critical thinkers, naturally security paranoid and thrive on development. We are part of NCC Group and with 2000 like-minded colleagues around the globe, we are on our never-ending mission to create a safer world.
We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working together towards a safer future.
We aim to create an environment where everyone can reach their full potential. We work together, we are brilliantly creative, we embrace difference and we want you to join in our mission.
This is you
Our ideal candidate…
-
Has a security mindset and demonstrable experience or knowledge of the contemporary attack tactics and techniques;
-
Knows how to use attack tooling in a lab environment;
-
Has knowledge about networking and the OSI model;
-
Experience with Suricata and/or Zeek.
And has knowledge of one or more of the below:
-
Windows Active Directory;
-
Windows Operating System fundamentals;
-
Networking fundamentals.
We understand that this is looking for a unicorn, so we encourage anyone who is willing to learn the above to apply as well.
About your application
We review every application received and will get in touch if your skills and experience match what we're looking for. If you don't hear back from us within 10 days, please don't be too disappointed - we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.
If you do not want us to retain your details, please e-mail global.ta@nccgroup.com. All personal data is held in accordance with the NCC Group Privacy Policy. We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.
