Automation QA Engineer with Python
Automation QA Engineer with Python
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Our client a Cybersecurity Company leverages massive amounts of data to construct the valuable insights that keep our customers safe. As cyber threats evolve so must our detection capabilities. We continuously create and refine detection rules to stay ahead of emerging threats and its critical that these detections are tailored to the unique environments and needs of our customers for maximum impact. We are seeking a Detection Engineer to lead efforts in automating scaling and assuring the quality of our detection content. Your work will directly support the delivery of high-fidelity SIEM-ready detection rules ensuring our customers receive timely relevant and actionable protection through our product platform.
Responsibilities:
- Lead the development and maintenance of CI/CD pipelines that automate the translation of Sigma rules into SIEM-native detection formats such as KQL SPL and ECS-based syntaxes.
- Design and implement robust validation linting and QA workflows to ensure the syntactic correctness logic integrity and coverage quality of detection rules before they are delivered to customer systems.
- Collaborate closely with detection content authors threat researchers and product engineering to align rule logic with attacker behaviors and customer environments.
- Contribute to a centralized detection-as-code platform that manages lifecycle version control testing and release of detections to downstream products.
- Investigate new approaches to detection normalization enrichment and telemetry alignment that improve detection effectiveness and cross-SIEM portability.
- Provide mentorship on detection rule structure QA practices and platform compatibility.
Requirments:
- 2 years of experience in detection engineering security operations or threat detection development ideally within product or platform teams.
- Hands-on experience building or contributing to CI/CD pipelines (e.g. GitHub Actions GitLab CI CircleCI) that include automated testing validation and deployment.
- Strong understanding of Sigma rule format and its translation mechanisms (e.g. sigmac) into target SIEM languages such as Kusto Query Language (KQL) Splunk Processing Language (SPL) and Elastic DSL.
- Proficiency in Python or Go for automation and tool integration; experience with YAML JSON schema and detection-as-code practices.
- Familiarity with cloud-native detection environments (e.g. Azure Sentinel Chronicle Elastic Security).
Nice to have:
- Experience with Infrastructure-as-Code (e.g. Terraform) container orchestration (Docker/Kubernetes) or QA frameworks for content validation.
We offer*:
- Flexible working format - remote office-based or flexible
- A competitive salary and good compensation package
- Personalized career growth
- Professional development tools (mentorship program tech talks and trainings centers of excellence and more)
- Active tech communities with regular knowledge sharing
- Education reimbursement
- Memorable anniversary presents
- Corporate events and team buildings
- Other location-specific benefits
*not applicable for freelancers
Employment Type
Full Time
