The IT Security Detection Engineer operates as a multi-disciplinary engineer within the Security Operations Team at BorgWarner. This role will employ various skills and experience to drive incident detection optimization and resolution.
On a daily basis, the Information Security Engineer collects, reviews, interprets, correlates and analyses data during and after an incident in order to create a comprehensive picture of any potential threat.
Performs activities combining analytic and design skills with adequate knowledge of software and hardware technologies in order to define, design, create, test, implement and modify information systems that have software as their main component.
Key responsibilities
- Developing and maintaining detection rules to identify malicious or suspicious activity within the environment.
- Implementing and managing systems for real-time threat detection and alerting.
- On a day-to-day basis, responding to, remediating and coordinating incident response actions with other stakeholders, both internal and external.
- Proactively searching for threats and vulnerabilities within the network.
- Developing and maintaining log collection systems such as a SIEM and/or data lake for long-term data retention and normalization.
- Developing and maintaining automation platforms within the security operations tooling to optimize automated responses where possible.
- Working with other IT and IT Security teams to ensure comprehensive threat coverage and a shared understanding of impact and criticality.
- Creating scripts and the necessary reports to prevent disruption or unavailability of information assets and to assess the impact.
- Analysing security attacks and advising on ways to resolve them by configuring the existing security systems.
- Defining and implementing information assets that have software as their main component in order to improve the security posture.
- Developing and maintaining technical runbooks and process documentation.
- Conducting in-depth analysis of suspicious activities and attempted attacks, during and after an incident, through (but not limited to) the analysis of malware, packets, alerts and logs for signs of malicious activity.
- Staying current with security operations, data analysis and incident response technology, methodology and legal requirements.
- Performing computer forensic and incident investigations when required.
- Ensuring that all investigations are performed in line with regulatory requirements and internal corporate policies, standards and procedures.
- Providing metrics for management and periodic intelligence reports and lessons learned on various threat actors and IOCs.
- Building upon existing capabilities through continuous improvement of relevant intelligence sources and methods, recommending new tools and procedures to detect threats and protect intellectual property and assets.
- Assisting in support of formal investigations and/or inquiries to resolve insider-threat-related matters and acceptable use policy violations.
- Identifying areas for improvement in internal processes along with possible solutions.
- Working with the IT Security Operations Lead to define and document standard operating procedures for security incident handling, malware analysis, vulnerability management, etc.
- Maintaining professional secrecy and the confidentiality and security of the documents handled and administered by him/her.
What we're looking for
- Bachelor's degree in Security Management, Compliance or Computer Science, or a comparable course of studies
- 2 years of experience in IT Security with a focus on Incident Response and SOC. Any of the following: CompTIA Security+, SANS certification, OffSec certification
- Foreign languages: fluent in English, written and verbal
Key job skills and/or competencies
- Deep understanding of security systems, firewalls, authentication systems, log management, content filtering, network security and networking technologies
- Has worked with and managed at least one of the following technologies: SIEM, SOAR, data lake, EDR, DLP, firewall, IDS/IPS
- Proven knowledge in the following security disciplines: advanced threats, information security incident detection and response, forensic investigative practices
- Experience in developing, collecting and analysing threat intelligence
- Experience with rule-driven and analysis-driven incident response platforms
- Experience with AI and LLM models
- Experience in cyber intelligence analytic methodologies such as Kill Chain, threat modelling and threat hunting
- Relevant experience in an international environment with globally distributed teams
- Identifying problems; recognizing significant threats and risks; making connections between data
- Tracing possible causes of problems; investigating relevant data
- Upholding generally accepted social and ethical standards in job-related activities
- Strong written, oral and presentation skills