CyberSecurity Engineer
CyberSecurity Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Greetings from Netsach - A Cyber Security Company.
Role Summary:
We are seeking a Cybersecurity Engineer with 3-5yrs of expertise inDetection Rule Engineering to play a pivotal role in developing a detection rule dataset for Large Language Models. The ideal candidate will have hands-on experience in creating and fine-tuning detection rules forSIEM(Security Information and Event Management)andEDR(Endpoint Detection and Response)systems along with proficiency inSIGMA Rulecreation and conversion. Also the candidate is expected to have testing experience to validate the generated rules.
Job Title: Cybersecurity Engineer (Detection Rule Engineering)
Location: Noida Chennai Bangalore
Notice- Immediate joiners only
Experience: 3-5 yrs.
Contract duration- 6 Months to 1yrs extension
Job Description/Responsibilities:
- Design develop and maintain detection rules queries and alerts inSIEM(Splunk preferred) andEDR(Microsoft Defender preferred)environments.
- Write custom SIEM and EDR queries corresponding toMITRE TTPsfor comprehensive coverage.
- Test and validatethe accuracy of developed SIEM and EDR queries and corresponding SIGMA rules.
- Establish a mechanism totranslate EDR/SIEM queries to SIGMA rulesand develop a comprehensive dataset of detection rules.
- Stay updated on the latest threats vulnerabilities and detection methodologies and apply them in rule creation.
- Collaborate with other stakeholders inapplication of Rules dataset for fine tuning of LLMs and RAG implementation.
Communication and Documentation:
- Excellent written and oral communication presentation listening and interpersonal skills.
- Collaborating effectively with internal and external team.
- Excellent reporting time management analytical & communication skills.
Preferred Skills:
- Exposure toRAG (Retrieval-Augmented Generation)and fine-tuning ofLLMsfor cybersecurity tasks.
- Hands-on experience withMicrosoft Defender EDRandSplunk SIEM.
- Certifications such asSplunk Certified UserMicrosoft Certified: Security Operations Analyst AssociateGIAC Certified Detection Analyst (GCDA) or equivalent.
Qualifications and Technical Skills:
- 2 years of previous experience in Cybersecurity domain specializing in Detection Rule Engineering.
- Proven experience in creating and managing detection queries and rules inSIEM (Splunk)andEDR (Microsoft Defender)environments.
- Strong understanding ofSIGMA rules their use and how to convert detection logic between different platforms.
- Experience with log analysis threat intelligence integration and use case development forSIEMandEDRsystems.
- Deep knowledge of security event analysis log aggregation and threat detection methodologies.
- Familiarity with threat detection techniques like anomaly detection behavior analytics and indicator-based detection.
- Knowledge of network protocols operating system internals and security monitoring techniques.
- Scripting skills in languages such as Python PowerShell or bash for rule creation and automation.
- Strong troubleshooting and problem-solving skills.
- Familiarity with cybersecurity frameworks such asMITRE ATT&CKCyber Kill Chain andNIST.
Thank You
Emily Jha
Netsach - A Cyber Security Company
Required Experience:
Manager
Employment Type
Contract
