Overview
About the Role:
The CrowdStrike Managed Services team offers opportunities to expand your skill set through a wide variety of experiences building detection rules, tools, and infrastructure supporting Falcon Complete Next-Gen SIEM. As a Detection Engineer on the Falcon Complete team, you will be responsible for collaborating with internal CrowdStrike teams to create high-fidelity detections based on both CrowdStrike and third-party telemetry to enable the Falcon Complete Next-Gen MDR team. The ideal candidate will demonstrate high competency in technical skills aimed at delivering value for customers and providing a successful experience with Falcon Complete.
What You’ll Do:
- Perform threat research and threat hunting to identify emerging tactics, techniques, and procedures (TTPs) to build detection requirements using an intelligence-driven approach
- Develop, test, and deploy actionable, high-fidelity CrowdStrike Next-Gen SIEM detection rules to enable a world-class Managed Detection and Response team
- Perform code reviews and testing to ensure high-quality, high-fidelity detection rules
- Leverage CI/CD best practices and principles to deploy detection rule logic at scale
- Collaborate with Security Analysts to create playbooks for triage and response for actionable, high-fidelity detections
- Collaborate with SIEM architects to develop and define best practices for parsing data and normalizing data to a common event schema
- Build and maintain utilities and tools to enable the managed services team to operate quickly and at large scale
- Develop and maintain processes and documentation
What You’ll Need:
Successful candidates will have experience in many of the following areas:
- 3+ years of experience as a detection engineer, security engineer, security analyst, threat intelligence analyst, or in a related field
- Knowledge of current cyber threats and how to detect them using SIEM and relevant technologies
- Relevant industry certifications (e.g. GCFA, GCDA, GCIH, etc.)
- Experience analyzing large datasets across a variety of vendors
- Experience working with SIEM solutions (LogScale, Splunk, SumoLogic, Sentinel, QRadar, LogRhythm, etc.)
- Proven ability to write code and leverage regular expressions
- Participate in a Detection Engineer handler rotation
- Attention to detail and effective communication skills