Threat Detection Engineer

Company: Reco
Location: remote
Closing Date: 19/06/2026
Hours: Full Time
Type: Permanent

Job Description

  • Dive deep into terabytes of SaaS Application data to identify new attack vectors, emerging threats, and vulnerabilities across various attack surfaces.
  • Stay up-to-date with the latest cybersecurity trends and contribute to the development of cutting-edge threat detection methodologies.
  • Utilize your technical prowess to investigate complex SaaS & AI security incidents, analyzing data from diverse SaaS applications to uncover the root causes and methods of attack.
  • Leverage your expertise in data analysis and correlation to fine-tune detection rules and algorithms, minimizing false positives and enhancing the accuracy of the platform's threat alerts.
  • Drive thought leadership initiatives by creating technical blog posts, delivering webinars, and speaking at conferences to share insights, educate the community, and enhance the company's reputation in the cybersecurity landscape.
  • Collaborate with security researchers and data scientists to define new threat detection strategies based on SaaS attack vectors and industry trends.
  • Continuously monitor and analyze SaaS attack techniques, adapting security posture to evolving threats.
  • Work with APIs and integrations to ingest security logs from various SaaS platforms, correlating signals to detect real threats.

Requirements:

  • A background of at least 5 years in cybersecurity, preferably in SOC, SIEM, Threat Intelligence, or Cloud Security.
  • Experience with SaaS security challenges, such as shadow IT, OAuth risks, IDP misconfigurations, and excessive permissions.
  • Hands-on experience with security data analysis, including large-scale log processing, anomaly detection, and behavioral analytics.
  • Proficiency in SQL (e.g., ClickHouse) for querying security events and correlating threat indicators.
  • Strong understanding of identity-based attacks, insider threats, and SOC detection methodologies.
  • Familiarity with SIEM and XDR solutions (e.g., Splunk, Sentinel, Chronicle) and their role in modern detection engineering.
  • Strong problem-solving and analytical skills to triage security incidents and optimize detection rules.