Software Engineer - Security Detection Engineer
at Capgemini
Toronto, ON, Canada
| Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
|---|---|---|---|---|---|---|---|
| Immediate | 09 Jul, 2024 | USD 118350 Annual | 10 Apr, 2024 | 3 year(s) or above | Hadoop, Cloud Security, Incident Response, Threat Intelligence, Hive, Models, Vulnerability Management, Endpoint Security, Communication Skills, Presto, SQL | No | No |
Description:
LIFE AT CAPGEMINI
Capgemini supports all aspects of your well-being throughout the changing stages of your life and career. For eligible employees, we offer:
- Collaborating with teams of creative, fun, and driven colleagues
- Flexible work options enabling time- and location-based flexibility
- Company-provided home office equipment
- Virtual collaboration and productivity tools to enable hybrid teams
- Comprehensive benefits program (Health, Welfare, Retirement and Paid time off)
- Other perks and wellness benefits, such as discount programs and gym/studio access
- Paid Parental Leave and coaching, baby welcome gift, and family care/illness days
- Back-up childcare/elder care, childcare discounts, and subsidized virtual tutoring
- Tuition assistance and weekly hot skill development opportunities
- Experiential, high-impact learning series events
- Access to mental health resources and mindfulness programs
- Access to join Capgemini Employee Resource Groups around communities of interest
REQUIRED EDUCATION AND EXPERIENCE
Must have:
- 5+ years of professional experience
- Experience with Security Information and Event Management (SIEM) tools
- Proficient with SQL
- Proficient at querying big data technologies (e.g. Snowflake, Presto, Hive, Hadoop)
- Minimum of 3 years of direct experience in a threat hunting and detection role
- Ability to build and articulate hunt hypotheses based on observed patterns, anomalies, or known tactics, techniques, and procedures (TTPs) of threat actors
- Experience developing profiles of adversary groups based on threat intelligence data
- Experience analyzing malware, extracting observables, and enriching SIEM detections with them
- Understanding of endpoint security, identity management, cloud security, detection engineering, vulnerability management, incident response, and threat intelligence
- Understanding of security frameworks and models such as MITRE ATT&CK, the Diamond Model, and the Kill Chain
- Excellent communication skills and experience working with technical and non-technical teams
Nice to have:
- Certified Information Systems Security Professional (CISSP)
- GIAC Security Essentials (GSEC)
- AWS Certificate
Responsibilities:
- Obtains tasks from the project lead or Team Lead (TL), prepares functional and design specifications, and gets them approved by all stakeholders.
- Ensures that the assigned area or areas are delivered within set deadlines and to the required quality objectives.
- Provides estimates, agrees on task durations with the manager, and contributes to the project plan for the assigned area.
- Analyzes the scope of alternative solutions and decides how the area is implemented, based on his/her experience and technical expertise.
- Leads the functional and architectural design of assigned areas, and makes sure design decisions on the project meet architectural and design requirements.
- Build security detections and detection frameworks
- Inventory, onboard and document logging sources to the event monitoring platform
- Research emerging adversary techniques and tooling, using the knowledge gained to build novel detections
- Investigate anomalous or suspicious behavior in the environment
- Analyzes different sources of information to detect, investigate and respond to incidents
- Develops incident response (IR) initiatives that improve our ability to respond to and remediate security events faster
- Build automation for identification, response, and remediation of malicious activity
- Works well with others, sees the value of a team, and partners effectively with all stakeholders.
- Addresses area-level risks, and provides and implements a mitigation plan.
- Reports on area readiness and quality, and raises red flags in crisis situations that are beyond his/her area of responsibility (AOR).
- Responsible for resolving crisis situations within his/her AOR.
- Initiates and conducts code reviews, and creates code standards, conventions and guidelines.
- Suggests technical and functional improvements that add value to the product.
- Continuously improves his/her professional level.
- Collaborates with other teams.
REQUIREMENT SUMMARY
Experience: Min 3.0, Max 5.0 year(s)
Information Technology/IT
IT Software - Other
Software Engineering
Trade Certificate: AWS certificate
Proficiency level: Proficient