Staples - Framingham, MA

posted 12 days ago

Full-time - Mid Level
Hybrid - Framingham, MA
Merchant Wholesalers, Nondurable Goods

About the position

The Sr. Cyber Security Engineer I - Sr Detection Engineer role at Staples involves leveraging expertise in Microsoft Sentinel and multi-cloud environments to enhance threat detection and response capabilities. The position focuses on developing and deploying detection use cases, maintaining complex detection rules, and collaborating with various stakeholders to improve security operations. The ideal candidate will have a strong background in security analytics and incident response, ensuring effective integration of security tools and proactive threat hunting.

Responsibilities

  • Develop and deploy detection use cases using various data sets and security products, including external threat intelligence.
  • Design, implement, and maintain complex detection rules, analytics, and automation playbooks within Microsoft Sentinel.
  • Document and track analysis and metrics around the detection lifecycle and revisions.
  • Participate in investigation, response, and root cause analysis for major incidents.
  • Proactively identify and investigate potential threats using Sentinel's hunting capabilities.
  • Tune and optimize Azure Sentinel baseline and analytical detection rules.
  • Collaborate closely with SOC, Advanced Threats, and other internal stakeholders to evolve the current detection footprint and efficacy.
  • Interact with internal and external peers and management to share complex information related to areas of expertise.

Requirements

  • Bachelor's degree in Computer Science, Computer Engineering, or a related field, or equivalent experience.
  • 5+ years of experience in detection engineering, incident response, or a related field.
  • Experience and/or familiarity with the threat hunting process and developing runbooks.
  • Experience analyzing common security logs (e.g., authentication, DNS, endpoint, network, proxy, cloud native) to detect security incidents.
  • Minimum of 3 years focused on Microsoft Sentinel and other Microsoft applications such as Entra, Purview, Defender, and/or Log Analytics.
  • Proficient in creating and managing KQL queries and understanding Azure services related to security and compliance.
  • Relevant certifications such as Microsoft Certified: Azure Security Engineer Associate, Certified Information Systems Security Professional (CISSP), or similar.

Nice-to-haves

  • Strong ability to learn new things and adapt to new requirements.
  • Demonstrated knowledge of common/emerging attack techniques.
  • Extensive experience building, deploying, and managing detection rules and analytics within Microsoft Sentinel.
  • Experience with scripting languages (Python, PowerShell) for automation and orchestration.
  • Familiarity and/or experience with purple teaming.
  • Deep understanding of system internals on Windows and Linux.
  • Demonstrated knowledge of tactics, techniques, and procedures (TTPs) as outlined by the MITRE ATT&CK framework.

Benefits

  • Inclusive culture with associate-led Business Resource Groups
  • Flexible PTO (22 days) and Holiday Schedule
  • Online and Retail Discounts
  • Company Match 401(k)
  • Physical and Mental Health Wellness programs