Senior Engineer, Detection R&D
Share
Job Location:
Bethesda, MD - USA
Monthly Salary:
Not Disclosed
Posted on:
2 days ago
Vacancies:
1 Vacancy
Job Summary
JOB SUMMARY
This role is responsible for enhancing detection coverage and methodology through cyber threat detection research and advanced threat detection prototyping within the SIEM Security Data Lake and analytics tools. Research entails analysis and devising detection approaches informed by threat intelligence by the CTI Team threat models purple team outcomes and detection coverage and visibility gap assessments. Development work entails advanced detection prototyping for deployment at scale in partnership with Detection Engineering Cybersecurity Operations and Marriotts business application teams. Candidates should possess either red team or purple team experience as well as expertise in cyber threat detection and response and a strong understanding of adversarial TTPs. Hands-on skills and creative thinking are essential.
CANDIDATE PROFILE
Education and Experience
Required:
Bachelors degree in Computer Science Information Security or a related field; or equivalent experience and certifications
6 years of combined experience in detection engineering red/purple teaming security analytics vulnerability management or cyber threat detection roles
3 years working with Splunk SIEM (Enterprise Security) CrowdStrike NG-SIEM or developing UEBA/behavior-based threat detections
Hands-on experience with EDR tools such as CrowdStrike Falcon MS Defender Sentinel One etc. and pen testing/vulnerability assessments
Proven ability to develop advanced detection content including correlation rules behavioral analytics and threat hunting queries
Preferred Skills/Experience:
Current advanced information security certifications (e.g. CISSP CISM GIAC OSCP)
Hands on experience with UEBA solutions and building detections leveraging machine learning
Amazon Security Lake experience
Familiarity with cloud security threat intelligence platforms and modern security architectures
Experience with scripting/programming (Python PowerShell etc.) and automation
Working knowledge of frameworks such as MITRE ATT&CK MITRE D3FEND NIST CSF and ISO/IEC 27001
Core Responsibilities
Leadership:
Provide mentorship for junior engineers and Detection Engineering resources.
Technical Execution:
Conduct cyber threat detection methodology research aligned with cyber threat detection coverage gaps threat modeling and threat intelligence
Partner with CTI Team Detection Engineering Security Engineering and Security Architecture to develop behavior-based detections leveraging AI/ML and other methods
Develop prototype correlation searches dashboards reports and alerts within the SIEM UEBA and Security Data Lake platforms. Partner with CTI Team and Detection Engineering to deploy detections at scale
Collaboration and Communication:
Share detection approaches recommendations developed analytics and other products of detection research with CTI Teams Detection Engineering and other teams as appropriate to inform detection development
Facilitate cross-team collaboration sessions to ideate and review detection use cases and detection methodologies
Document and share detection approaches for TTPs threat models and monitoring strategies using standard templates and methodologies
Collaborate with CTI Team Detection Engineering Security Architecture and Engineering teams to ensure detection coverage aligns with cybersecurity risks and business priorities
Engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications and share that knowledge with peers as appropriate
Attend SCRUM and prioritization meetings to review and update deliverables
Continuous Improvement:
Drive detection coverage gap improvement and increased detection efficacy
Stay current with emerging threats adversary tactics techniques and detection technologies
Contribute to the development and refinement of detection engineering standards workflows and best practices
At Marriott International we are dedicated to being an equal opportunity employer welcoming all and providing access to opportunity. We actively foster an environment where the unique backgrounds of our associates are valued and greatest strength lies in the rich blend of culture talent and experiences of our are committed to non-discrimination on any protected basis including disability veteran status or other basis protected by applicable law.
Required Experience:
Senior IC
Key Skills
- Laboratory Experience
- Vendor Management
- Design Controls
- C/C++
- FDA Regulations
- Intellectual Property Law
- ISO 13485
- Research Experience
- SolidWorks
- Research & Development
- Internet Of Things
- Product Development
About Company
At Le Méridien, we are inspired by the era of glamorous travel, celebrating each culture through the distinctly European spirit of savouring the good life. Our guests are curious and creative, cosmopolitan culture seekers that appreciate moments of connection and slowing down to savou ... View more
