Software Engineer - Security Detection Engineer

at Capgemini

Toronto, ON, Canada

Start Date: Immediate
Expiry Date: 09 Jul, 2024
Salary: USD 118350 Annual
Posted On: 10 Apr, 2024
Experience: 3 year(s) or above
Skills: Hadoop, Cloud Security, Incident Response, Threat Intelligence, Hive, Models, Vulnerability Management, Endpoint Security, Communication Skills, Presto, SQL
Telecommute: No
Sponsor Visa: No

Description:

LIFE AT CAPGEMINI

Capgemini supports all aspects of your well-being throughout the changing stages of your life and career. For eligible employees, we offer:
  • Collaborating with teams of creative, fun, and driven colleagues
  • Flexible work options enabling time and location-based flexibility
  • Company-provided home office equipment
  • Virtual collaboration and productivity tools to enable hybrid teams
  • Comprehensive benefits program (Health, Welfare, Retirement and Paid time off)
  • Other perks and wellness benefits like discount programs and gym/studio access
  • Paid Parental Leave and coaching, baby welcome gift, and family care/illness days
  • Back-up childcare/elder care, childcare discounts, and subsidized virtual tutoring
  • Tuition assistance and weekly hot skill development opportunities
  • Experiential, high-impact learning series events
  • Access to mental health resources and mindfulness programs
  • Access to join Capgemini Employee Resource Groups around communities of interest

REQUIRED EDUCATION AND EXPERIENCE

Must have:

  • 5+ years of professional experience.
  • Experience with Security Information and Event Management (SIEM) tools.
  • Proficient with SQL.
  • Proficient with querying big data technologies (e.g. Snowflake, Presto, Hive, Hadoop).
  • Minimum of 3 years of direct experience in a Threat Hunting and Detection role.
  • Ability to build and articulate hunt hypotheses based on observed patterns, anomalies, or known tactics, techniques, and procedures (TTPs) of threat actors.
  • Experience developing adversary group profiles based on Threat Intelligence data.
  • Experience analyzing malware, extracting observables and enriching SIEM detections.
  • Understanding of endpoint security, identity management, cloud security, detection engineering, vulnerability management, incident response, and threat intelligence.
  • Understanding of security frameworks and models such as MITRE ATT&CK, the Diamond Model, and the Kill Chain.
  • Excellent communication skills and experience working with technical and non-technical teams.

Nice to have:

  • Certified Information Systems Security Professional (CISSP)
  • GIAC Security Essentials (GSEC)
  • AWS Certificate

Responsibilities:

  • Obtains tasks from the project lead or Team Lead (TL), prepares functional and design specifications, and gets them approved by all stakeholders.
  • Ensures that assigned area/areas are delivered within set deadlines and required quality objectives.
  • Provides estimations, agrees on task duration with the manager and contributes to the project plan of the assigned area.
  • Analyzes the scope of alternative solutions and makes decisions about area implementation based on his/her experience and technical expertise.
  • Leads functional and architectural design of assigned areas. Makes sure design decisions on the project meet architectural and design requirements.
  • Builds security detections and detection frameworks.
  • Inventories, onboards and documents logging sources to the event monitoring platform.
  • Researches emerging adversary techniques and tooling, using the knowledge gained to build novel detections.
  • Investigates anomalous or suspicious behavior in the environment.
  • Analyzes different sources of information for detecting, responding to and investigating incidents.
  • Develops IR initiatives that improve our capabilities to respond to and remediate security events faster.
  • Builds automation for identification, response, and remediation of malicious activity.
  • Works well with others, sees the value of a team, and partners effectively with all stakeholders.
  • Addresses area-level risks, provides and implements a mitigation plan.
  • Reports on area readiness/quality and raises red flags in crisis situations that are beyond his/her area of responsibility (AOR).
  • Responsible for resolving crisis situations within his/her AOR.
  • Initiates and conducts code reviews; creates code standards, conventions and guidelines.
  • Suggests technical and functional improvements to add value to the product.
  • Constantly improves his/her professional level.
  • Collaborates with other teams.


REQUIREMENT SUMMARY

Min: 3.0 Max: 5.0 year(s)

Information Technology/IT

IT Software - Other

Software Engineering

Trade Certificate

AWS Certificate

Proficient

1

Toronto, ON, Canada