
Threat Detection Engineer

extra holidays - fully flexible
Remote: Full Remote
Experience: Mid-level (2-5 years)

Offer summary

Qualifications:

  • More than 3 years of information security experience.
  • Experience with a SIEM platform, preferably Splunk.
  • Knowledge in scripting, Python preferred.
  • Deep understanding of networking and cyber attacks.

Key responsibilities:

  • Develop high-quality threat detection rules.
  • Collaborate with cross-functional teams to respond to threats.
Experian Information Technology & Services XLarge http://www.experianplc.com/
10001 Employees
HQ: Costa Mesa

Job description

Company Description

Experian unlocks the power of data to create opportunities for consumers, businesses and society. During life's big moments – from buying a home or car, to sending a child to college, to growing a business exponentially by connecting it with new customers – we empower consumers and our clients to manage data with confidence so they can maximize every opportunity. We gather, analyse and process data in ways others can't. We help individuals take financial control and access financial services, businesses make smarter decisions and thrive, lenders lend more responsibly, and organizations prevent identity fraud and crime. For more than 125 years, we've helped consumers and clients prosper, and economies and communities flourish – and we're not done. Our 20,600 people in 43 countries believe the possibilities for you, and our world, are growing. We're investing in new technologies, talented people and innovation so we can help create a better tomorrow.

Job Description
  • Develop and maintain high-quality threat detection rules, queries, and alerts based on identified use cases, threat scenarios, and structured threat intelligence, including MITRE ATT&CK™ Tactics, Techniques and Procedures (TTPs).
  • Leverage the MITRE ATT&CK™ Framework and other forms of structured threat intelligence to enhance detection capabilities, develop contextualized alerts, and improve overall security posture.
  • Create and implement automated workflows and playbooks in tools such as Swimlane to enhance incident response capabilities and streamline security operations.
  • Continuously research and stay up to date with the latest cyber threats, attack vectors, and methodologies to improve detection capabilities.
  • Collaborate closely with cross-functional teams, including Security Operations Center (SOC) analysts, Incident Responders and Threat Intelligence researchers to understand and respond to emerging threats.
  • Evaluate and recommend new security tools, techniques, and processes to enhance the organization's threat detection and response capabilities.
  • Participate in incident response activities and provide subject matter expertise when required.
  • Develop and maintain documentation related to threat detection and automation processes and procedures aligning to leading practices.
  • Provide training and guidance to team members to enhance their understanding of threat detection methodologies, automation techniques, and structured threat intelligence.

Qualifications
  • Prior experience in SIEM content development (LogRhythm, Splunk, QRadar, McAfee ESM, or similar SIEM platform), Splunk preferred
  • More than 3 years of information security experience, preferably engineering or development
  • More than 1 year's experience supporting a SIEM platform in a content development or administrative role
  • More than 2 years' experience performing SOC analysis and/or incident response
  • Ability to effectively communicate with anyone, from end users to senior leadership, facilitating technical and non-technical conversations.
  • Deep understanding of technical concepts including networking and various cyber attacks
  • Solid comprehension of various security controls, capabilities and use in a corporate environment
  • Scripting (Python is preferred, but most any programming knowledge will be sufficient if the engineer is willing to learn Python)
  • Demonstrated history of innovation and/or creativity
  • Ability to drive process improvements and identify gaps
  • Ability to excel in a team, as an individual, in a fast-paced, deadline-driven organization

Additional Information

Our uniqueness is that we truly value yours.

Experian Asia Pacific's culture, people, flexibility and environments are key differentiators. We take our people and equal opportunity agenda very seriously. We focus on what truly matters: DEI, work/life balance, development, authenticity, engagement, collaboration, wellness, reward & recognition, volunteering... the list goes on. We're an award-winning organisation due to our strong people focus (Great Place To Work, Top Employer and Employer of Choice).

Experian Asia Pacific leverages cutting-edge data science, inclusion and start-up mindsets to build tomorrow's credit solutions. Innovation is a critical part of Experian's DNA and practices. As is our diverse workforce, which drives our success. Everyone can succeed at Experian, irrespective of their gender, ethnicity, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.

Experian Careers - Creating a better tomorrow together


Required profile

Experience

Level of experience: Mid-level (2-5 years)
Industry: Information Technology & Services
Spoken language(s): English

Other Skills

  • Teamwork
  • Communication
  • Problem Solving
