Threat Detection and Response Expert - Blue Team

The Threat Detection and Response (TDR) Expert is part of the Blue Team of OBRELA and is responsible for developing, tuning, and maintaining detection capabilities within the organization's security infrastructure. This role focuses on identifying, analyzing, and mitigating security threats using tools like SIEM, EDR, and other detection platforms. The engineer collaborates with cross-functional teams to ensure robust threat detection and response mechanisms.

The TDR Expert also serves as detection authority for initial incident declaration and approves/performs further investigation of escalated events utilizing MDR technologies. Contributes with ideas to improve detection capability and drives recommendations to customers for incident remediation. Assists in the training of new analysts and their further guidance in areas of expertise. Continuously interacts with the SOC for the ongoing improvement of detection and performance metrics.

The TDR Expert is responsible for building and maintaining different SIEM/XDR content libraries and perform R&D for updating the respective content registries. Interacts with the SecDevOps teams or contributes as part of the Blue Team effort to implement threat detection analytics or customer specific use cases.

Requirements:

• Bachelor’s degree or higher in computer science or related area of study or equivalent combination of education and/or relevant work experience. MSc in relative areas is considered a plus.
• Experience in rule creation for at least one of the two following SIEMs (Azure Sentinel [KQL] – IBM Qradar)
• Excellent verbal and written communication skills, both in English and Greek language.
• Problem solving skills on short timeframes and ability to “think outside the box” & Analytical thinking with the ability to break down a big problem into smaller chunks.

Desired requirements:

• Experience in incidents’ analysis and rule creation using EDR products (CrowdStrike, Carbon Black, MS Defender)
• Related certifications (GCIH, GCFE, GCFA, GNFA, eCIR, CEH and/or Security+)
• Situational assessment and decision-making capabilities

Benefits:

• Dynamic and respectful environment – our people are the core of our business, we value each and every individual and support initiatives, promoting agility and work/life balance.
• Continuous coaching – work with passionate people and receive both theoretical as well as hands-on training.
• Career development. Expand your career internationally and work alongside knowledgeable people from diverse cultures and backgrounds.

• A competitive compensation package dependent upon your experience and qualifications. We’re focused on rewarding efforts. Our salaries and benefits package will keep you motivated throughout your career.