Description
- Work across a broad information security domain, focusing on threat detection, response, and telemetry across infrastructure, cloud, and data.
- Detect and investigate threats (internal and external); partner with stakeholders on remediation and design preventive controls.
- Design and improve high-fidelity detection use cases across cloud, endpoint, identity, and network telemetry.
- Lead incident response with root-cause analysis and drive preventive improvements.
- Automate incident response workflows using playbooks and orchestration to reduce manual effort.
- Build in-house security analytics solutions using open source tools and threat hunting to detect advanced threats.
Requirements
- 2 to 6 years of information security experience focusing on threat detection and response.
- Hands-on detection across cloud (AWS preferred), endpoint, and network telemetry.
- Experience with EDR/IDS/IPS and SIEM platforms (Splunk/ELK) and building detection pipelines.
- Proficiency in Python, Go, or Bash; knowledge of MITRE ATT&CK and the Cyber Kill Chain.
- Design and tune detection rules using MITRE ATT&CK and threat intel.
- Threat hunting experience; automation, enrichment, regex, and false-positive reduction.
Benefits
- This is an engineering-driven threat detection role.
- Note: Not a traditional SOC role.