Threat Detection Engineer at Intelliswift Software Inc
San José, Provincia de San José, Costa Rica - Full Time


Start Date

Immediate

Expiry Date

13 Jul, 25

Salary

$56.34/hour

Posted On

06 Jun, 25

Experience

0 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Anomaly Detection, IT, Computer Science, Security, Communication Skills, Data Analysis, Machine Learning, Azure, Threat Intelligence, Automation, Code

Industry

Information Technology/IT

Description

Job Title: Threat Detection Engineer
Location: San Jose, CA (Remote to candidates all over US)
Duration: 8 months
Contract Type: W2 only
Pay Rate: $56.34/Hour

Duties:

  • Threat Detection Library Development and Maintenance: Design, develop and maintain a comprehensive threat detection library including rules, alerts, and dashboards used to identify and respond to malicious activity.
  • Deliver detection instrumentation across a variety of data, tools and technologies including but not limited to endpoint, network, cloud, and identity platforms.
  • Develop and scale detection, mitigation, and response automation tooling.
  • Collaborate with other security engineers, analysts, threat hunters, threat intelligence, and red team to build effective threat detection capabilities.

Skills:

  • Hands-on experience with cyber threat detection engineering, anomaly detection, risk scoring and behavior analytics as they apply to security.
  • Proven experience in building detection logic to identify suspicious or malicious behavior.
  • Solid understanding of threat intelligence, attacker methodology, and hardware/network forensics.
  • Experience with SIEM platforms (Splunk ES preferred).
  • Excellent analytical and problem-solving skills with the ability to think critically and under pressure.
  • Familiarity with CSIRT/SOC analyst and Incident Response procedures.
  • Strong written and verbal communication skills.
  • Collaborative outlook and ability to multi-task in a fast-paced environment.
  • Experience with cloud security platforms (AWS, Azure, GCP).
  • Proficiency in Python scripting for automation and data analysis is a plus.
  • Experience with EDR and/or CSPM is a plus.
  • Experience with Detection-as-Code or CI/CD is a plus.
  • Experience with Databricks or SQL-like query languages is a plus.
  • Experience with Splunk SOAR/Phantom or other SOAR technologies is a plus.
  • Experience with machine learning, AI, or LLMs is a plus.

Education:

  • Bachelor’s degree in Cybersecurity, Computer Science, or a related field, or equivalent practical experience in cybersecurity.