Security Detection Engineer (100% Remote)

Our customer is a large United States insurance company that is backed by more than 100 years of experience and provides insurance products and services for businesses and professionals in the United States., Canada and Europe. Headquartered in Chicago, IL, they have more than 20 US locations.

We are seeking a Security Detection Engineer on a contract basis to help support our Customer's business needs. This role is 100% Remote.

The primary focus will be on implementing, configuring, and maintaining security detection rules and mechanisms within on-premise and Google Cloud environments. Your expertise will contribute to the mission of safeguarding assets and ensuring the highest level of security for cloud infrastructure. This role requires in-depth knowledge of detection engineering, incident response, investigations, and emerging threat trends.

Responsibilities

• MITRE ATT&CK Framework: Utilize the MITRE ATT&CK Framework for threat detection creation, gap assessment and analysis.
• Security Detection Implementation: Implement, configure, and maintain security detection rules and mechanisms, including intrusion detection, anomaly detection, and log analysis tools, to identify and respond to security incidents.
• Security Operations: Play a critical role in the day-to-day security operations, including monitoring, tuning, analysis, and proactive threat hunting.
• Incident Response: Lead incident response efforts, investigate security incidents, conduct root cause analysis, and implement corrective measures.
• Kubernetes Incident Response: Apply expertise in Kubernetes for incident response and forensic analysis.
• Security Automation: Develop and maintain automation scripts and tools to streamline security detection operations and response.
• Documentation: Maintain comprehensive documentation of security detection configurations, incident response procedures, and investigations.
• Stay Current: Stay up-to-date with the latest security threats, vulnerabilities, and industry trends to proactively enhance security detection measures.
  
  

Skills And Qualifications

• Bachelor's degree or a related field experience
• Google Cloud Professional Cloud Security Engineer certification or equivalent experience.
• Experience with cloud security detection tools and technologies, including intrusion detection, anomaly detection, and log analysis.
• Proficiency in scripting and automation (e.g., Python, Bash).
• Experience in incident response, investigations, and security operations.
• Proficiency in Kubernetes with a focus on incident response and forensic analysis.
• Familiarity with the MITRE ATT&CK Framework for threat detection and mitigation.
• Experience working with Splunk Enterprise Security or similar SIEM solutions.
• Experience working with threat emulation solutions like Atomic Red Team, PurpleSharp, Safebreach ,etc..
• Experience with CI/CD pipelines and Test Driven Development using Python
• Excellent problem-solving and analytical skills.
• Strong communication and teamwork skills.
• Relevant certifications such as CISSP, GCIH, GCIA, Certified Kubernetes Administrator (CKA), or Splunk certifications are a plus.
  
  

We offer a competitive salary range for this position. Most candidates who join our team are hired at the median of this range, ensuring fair and equitable compensation based on experience and qualifications.

Contractor benefits are available through our 3rd Party Employer of Record (Available upon completion of waiting period for eligible engagements)

Benefits include: Medical, Dental, Vision, 401k.

An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.