Description
- Create/refine detection logic across endpoint, cloud, identity, network, web, and email.
- Validate rule behavior via functional testing and false-positive reviews.
- Evaluate attack paths and improve kill chain coverage.
- Analyze telemetry across sources to boost signal-to-noise ratios.
- Support cloud detections for AWS, Azure, and GCP.
- Collaborate with senior researchers on new detection approaches.
- Use lightweight simulations or scripted tests to generate telemetry.
- Participate in Elastic Security Labs, detection packages, and community sharing.
Requirements
- Experience in threat research, detection engineering, or blue-team roles.
- Understanding of core concepts across multiple security domains.
- Ability to write/validate detections using EQL, KQL, SQL.
- Familiarity with MITRE ATT&CK and MITRE ATLAS.
- Strong analytical and problem-solving skills, especially around false positives.
- Clear, collaborative communication and willingness to learn from others.
Benefits
- Health coverage for you and your family in many locations.
- Flexible locations and schedules for many roles.
- Generous number of vacation days each year.
- Donation matching up to $2000 (or local currency equivalent).
- Up to 40 hours per year to use toward volunteer projects.
- Embracing parenthood with a minimum of 16 weeks of parental leave.