About the Role
Six-month contract (likely to be extended) for a Detection Engineer with a strong threat intelligence background, to develop detection logic from current threat intelligence for our MSSP client base.
Responsibilities
- Translate threat intelligence into detection rules (Sigma, YARA, Snort/Suricata)
- Develop and tune SIEM detections based on current threat actor TTPs
- Perform purple team exercises to validate detection coverage
- Maintain the detection-as-code pipeline and CI/CD workflow
Requirements
- 5+ years in a detection engineering or security engineering role
- Strong knowledge of the MITRE ATT&CK framework
- Experience with at least one of Splunk, Microsoft Sentinel, or Google Chronicle as a SIEM
- Proficiency writing Sigma rules and KQL/SPL