Senior Detection Engineer

We are AttackIQ and we are engineering a disruptive security product that delivers continuous validation of your enterprise security program so you can find the gaps, strengthen your security posture and exercise your incident response capabilities.

We work with top companies around the world whose products or services you surely use on a daily basis. We answer their needs by helping them validate their cybersecurity-related assumptions.

How Do We Do It?

At the core of our values at AttackIQ is the ability to challenge ideas and engage in thoughtful discourse. We’ve created an environment where every employee is well respected and where anyone can be respectfully challenged regardless of their position.

Our work environment is joyful, and we hold ourselves to high standards. We like to be surrounded by amazing peers from whom we can learn. We like to joke, we like to learn, we take ownership and we take pride in our work. We also like to play ping pong!

These are the values by which we live:

  • One Team
    We are the sum of the contributions of all of our employees. We play to win and openly discuss options when our goals compete. We unite to deliver results for our company and customers.
  • Impress Every Customer
    Put the customer at the center of everything we do. Surpass expectations, every time.
  • Do the Right Thing
    What do you do when no one else is looking? We act with integrity and honesty and focus on putting ourselves in the shoes of others.
  • Innovation
    We never give up seeking creative ways to solve problems.
  • Operate with Transparency
    We share information. Share mistakes. Share victories.
  • People First
    We empower our employees to work in an environment that is conducive to creating the optimal work/life balance. In addition, every one of us is dependent on one another, with our time, with our knowledge, with our craft. It’s the heart of who we are as an organization.

Who Are You?

You are a passionate person. You are not only a dedicated individual contributor but also a team player. You demonstrate a genuine interest in understanding why you are working on something and you are able to respectfully challenge any decision in pursuit of a solution to engineering and customer problems.

You don’t feel comfortable working as if in a supply chain and you are eager to get involved in anything that could tangentially impact your work.

You are used to getting things done and you are confident about your skills but still humble and able to accept criticism and follow guidelines.

Your Mission

As a detection engineer at AttackIQ you will:

  • Identify, understand, and outline how security control vendors respond to cyber attacks.
  • Serve as a subject matter expert for challenges other teams face regarding security controls.
  • Work with multiple engineering teams to optimize the security control experience inside the AttackIQ platform.
  • Deploy and maintain security controls, with the engineering teams as your main clients.
  • Keep track of how new versions of the security controls affect existing AttackIQ capabilities.
  • Meet with security control vendors and customers to understand needs and requests.

Requirements

  • 8+ years of experience working in cybersecurity operations (CSOC, SOC, CIRT, CSIRT) in enterprise environments, or equivalent
  • Proficient English communication skills.
  • Good knowledge of Azure Security Products. Ideally: Security Center, Azure Sentinel, and Activity logs
  • Good knowledge of Microsoft Security Products. Ideally: Office 365, Cloud App Security, Microsoft Defender for Endpoint
  • Strong knowledge of SIEMs (writing log parsers, normalizing logs, creating correlation rules, etc.) handling more than 25K EPS.
  • Strong knowledge of at least 2 Cloud Service Providers (Deploying and configuring native cloud security controls…)
  • Preference in order: Azure, VMware, Google, AWS.
  • Good knowledge of either:
    • EDR technologies.
    • Network security technologies (Fortinet & Cisco FirePower)
  • Email security technologies (Proofpoint Enterprise…)
  • Experience developing in Python

Highly Desired

  • Experience doing threat hunting / incident response
  • Experience with IaC (Terraform, Ansible)
  • Experience with MITRE ATT&CK Framework
  • Experience in blue/purple teaming

How to Apply

Send an email to jobs@attackiq.com with Subject Line: “Senior Detection Engineer”


Note to all recruitment agencies
AttackIQ does not accept agency resumes without a signed agreement. Please do not forward resumes to our jobs alias, our employees, or any other company location. AttackIQ is not responsible for any fees related to unsolicited resumes and will not pay fees to any third-party agency or company that does not have a signed agreement with us.

At AttackIQ we value diversity and are proud to be an equal opportunity employer.