Purple Teamer Detection Engineer at Black Lantern Security
Remote, Oregon, USA - Full Time


Start Date

Immediate

Expiry Date

01 Nov, 25

Salary

0.0

Posted On

01 Aug, 25

Experience

0 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Logrhythm, Hipaa, Glba, Bash, Python, Powershell, Prelude, Ethics, Arcsight, Background Checks, Windows, Red Team, Unix, Scripting Languages

Industry

Information Technology/IT

Description

BLACK LANTERN SECURITY IS A SERVICES-ORIENTED COMPANY

  • Black Lantern Security is built around the ingenuity, passion, and determination of our Operators and Analysts
  • No one “mastermind”
  • No “cult of personality”
  • Competitive compensation and benefits
  • Healthy work-life balance
  • Project-based engagements that play to the team’s strengths

Purple Teamer Detection Engineer

REQUIREMENTS:

  • Proficiency in scripting languages such as Python, Bash, and/or PowerShell.
  • Experience with at least one object-oriented programming language (e.g., Python, Ruby, Java).
  • Experience ingesting, parsing, and analyzing logs from diverse sources (e.g., OS, EDR, network, cloud).
  • Hands-on experience with one or more SIEM platforms (e.g., Splunk, ArcSight, LogRhythm, AlienVault).
  • Proficiency in detection query languages (e.g., Splunk SPL, KQL, Elastic DSL).
  • Familiarity with threat emulation and adversary simulation tools (e.g., ATT&CK Navigator, Atomic Red Team, PurpleSharp, AttackIQ, Prelude, SCYTHE).
  • Strong foundational knowledge of Windows, Unix, TCP/IP, IDS/IPS technologies, and web filtering controls.
  • U.S. citizenship required (must be willing to undergo federal, state, and local background checks).
  • Demonstrated ability to:
    • Maintain the highest standards of honesty, ethics, and technical integrity.
    • Think critically and analytically about complex cyber risk and threat scenarios.
    • Build and communicate threat models and risk assessments effectively.
    • Apply cybersecurity frameworks and best practices (e.g., MITRE ATT&CK, NIST 800-61).
    • Demonstrate a working understanding of regulatory frameworks such as HIPAA, PCI-DSS, and GLBA.

RESPONSIBILITIES:

Project-Based

  • Develop and tune detection rules across SIEM, EDR, and other telemetry sources based on relevant and emerging threats.
  • Build and maintain detection-as-code pipelines (e.g., Sigma, Splunk, KQL, YARA).
  • Correlate threat intelligence with internal telemetry to enrich detection logic.
  • Create detailed runbooks for adversary emulation and control validation using tools like Atomic Red Team, Caldera, or SCYTHE.
  • Collaborate with the red team to simulate relevant and emergent threat actor TTPs.
  • Utilize frameworks such as MITRE ATT&CK and D3FEND to assess and track detection coverage.
  • Prepare clear and concise situation reports and activity summaries for both customers and senior leadership.
  • Develop and deliver walkthroughs, proof-of-concept (PoC) demonstrations, technical articles, and formal presentations.

Research and Development (R&D)

  • Attend and/or present at professional conferences, industry events, or internal brown-bag sessions.
  • Contribute to the development of:
    • Novel defensive tactics, techniques, and procedures (TTPs).
    • Custom applications, utilities, and automation scripts.
    • Threat hunting capabilities aligned with MITRE ATT&CK and emerging offensive TTPs.
    • Digital forensics and incident response (DFIR) tools, techniques, and methodologies.