Staples - Framingham, MA

posted 12 days ago

Full-time - Senior
Hybrid - Framingham, MA
Merchant Wholesalers, Nondurable Goods

About the position

The Senior Detection Engineer at Staples is responsible for enhancing the company's threat detection and response capabilities, primarily utilizing Microsoft Sentinel. This role involves developing and deploying detection use cases, designing complex detection rules, and collaborating with various stakeholders to improve the efficacy of security operations. The ideal candidate will leverage their expertise in Microsoft technologies and multi-cloud environments to ensure effective incident response and proactive threat hunting.

Responsibilities

  • Develop and deploy detection use cases using various data sets and security products, including external threat intelligence.
  • Design, implement, and maintain complex detection rules, analytics, and automation playbooks within Microsoft Sentinel.
  • Document and track analysis and metrics around the detection lifecycle and rule revisions.
  • Participate in investigation, response, and root cause analysis for major incidents.
  • Proactively identify and investigate potential threats using Sentinel's hunting capabilities.
  • Tune and optimize Azure Sentinel baseline and analytical detection rules.
  • Partner closely with SOC, Advanced Threats, and other internal stakeholders to evolve the current detection footprint and efficacy.
  • Interact with internal and external peers and management to share complex information related to areas of expertise.

Requirements

  • Bachelor's degree in Computer Science, Computer Engineering, or a related field, or equivalent experience.
  • 5+ years of experience in detection engineering, incident response, or a related field.
  • Experience and/or familiarity with the threat hunting process and developing runbooks.
  • Experience analyzing common security logs (e.g., authentication, DNS, endpoint, network, proxy, cloud native) to detect security incidents.
  • Minimum of 3 years focused on Microsoft Sentinel and other Microsoft applications like Entra, Purview, and/or Defender.
  • Proficient in creating and managing KQL queries and understanding Azure services related to security and compliance.
  • Relevant certifications such as Microsoft Certified: Azure Security Engineer Associate, CISSP, or similar.

Nice-to-haves

  • Strong ability to learn new things and adapt to new requirements.
  • Demonstrated knowledge of common/emerging attack techniques.
  • Extensive experience building, deploying, and managing detection rules and analytics within Microsoft Sentinel.
  • Experience with scripting languages (Python, PowerShell) for automation and orchestration.
  • Experience securing multi-cloud environments (Azure, AWS, GCP) by implementing and managing cloud-native security controls and integrating them with Sentinel.
  • Familiarity and/or experience with purple teaming.
  • Deep understanding of system internals on Windows and Linux.
  • Demonstrated knowledge of tactics, techniques, and procedures (TTPs) as outlined by the MITRE ATT&CK framework.

Benefits

  • Inclusive culture with associate-led Business Resource Groups
  • Flexible PTO (22 days) and Holiday Schedule
  • Online and Retail Discounts
  • Company Match 401(k)
  • Physical and Mental Health Wellness programs
© 2024 Teal Labs, Inc