Threat Detection Engineer

1 week ago


San Antonio, TX, United States CData Software Full time
Job Title

Threat Detection Engineer

Relevant Experience (in Yrs)

6+

Technical/Functional Skills

ELK stack, FireEye HX, Sysmon, Winlogbeat

Experience Required

6+

Roles & Responsibilities

Technical knowledge to write and develop detection rules for CIRT analysis; experience with the ELK stack, FireEye HX, Sysmon, Winlogbeat and CI/CD pipelines.

  • Deep understanding of cyber threat actor techniques and tools (malware, common attack types, reconnaissance, scanning, exploitation, evasion techniques, lateral movement, persistence); proficient with MITRE ATT&CK
  • Deep understanding of security operations center processes, tools and data for analysis and control mitigations, security event timeline analysis and baselining, with experience analyzing logs and data to develop and implement custom detections that counter attacker techniques, known vulnerabilities and evasion methods
  • Security architecture (network topology, firewalls, proxies, web content filtering, wireless, EDR, IDS, IPS, SIEM, SOAR, etc.)
  • Network data sources (full packet analysis, flow data, DNS logs, proxy logs, NIDS, etc.)
  • Knowledge and experience with common scripting languages and tools: Python, PowerShell, Bash, YAML
  • Deep knowledge of compound logical operations (AND, OR, NOT) and regular expressions
  • Experience extracting data from logs, SQL and APIs
  • Knowledge and experience with tools used to build threat detections (ElastAlert, Logstash, Kibana (ELK), FireEye HX, Sysmon, Winlogbeat, Linux auditd)
  • Deep understanding and experience with operating systems, including administration, configuration, registry and processes (Windows, Mac and Linux)
  • Experience in red team/blue team/incident responder interactions
  • Understanding of CI/CD pipelines
  • Experience with source control tools (Git)


Generic Managerial Skills

Good communication, team coordination and status updates to customers

Education

B. Tech

Startdate (dd-mmm-yy)

06-July-23

Duration of assignment (in Months)

3 to 6 Months

Work Location (State, City and Zip)

Remote, San Antonio, TX

Rates payable to vendor $/hr

$70

Key words to search in resume

Develop use cases for threats, Python, Bash scripting
