Detection Engineer
Remote Office · Salt Lake City, Utah, United States
Who We Are
Legato Security is an information security firm founded upon the belief that every organization has the right to keep its data private and secure. Our mission is to build close partnerships with our clients, serving them not as just a vendor, but as trusted advisors helping to build effective, proactive plans. Our focus is always on both the technical and human elements within an organization. We believe in comprehensive strategies designed to harden networks, deflect attackers, and rapidly recover from any accidents. As technology progresses, so do our tactics, ensuring our experts are always prepared to serve forward-looking leaders eager to stay ahead of emerging threats.
Position Overview
Legato Security is seeking a motivated junior or mid-level Detection Engineer to assist with detection engineering efforts. As a Detection Engineer, you will assist with rule creation, rule tuning, creating documentation, assisting with on-going infrastructure projects, and assisting with customer requests.
Specific Job Responsibilities
- Create, improve, review, and tune detection rules in various SIEMs (e.g., Sumo Logic, Google SecOps, Stellar Cyber). This will include log reviews of customer environments to make informed decisions.
- Assist in creating and maintaining documentation for detection procedures, workflows, and active projects.
- Collaborate with SOC analysts to improve detection accuracy and reduce false positives
- Help maintain and update detection use cases based on emerging threats and customer-specific logs.
- Assist in creating regular reports on detection metrics and effectiveness.
- Review and respond to internal and customer requests to assist with anything related to detection engineering.
- Contribute to declarative and imperative programming projects to assist with detection as code
- Meet with customers to assist with their requests around detection engineering.
Required Qualifications
- Bachelor's degree in Computer Science, Cybersecurity, related field or equivalent industry experience
- 3-5 years of experience in detection engineering or a related field (e.g., SOC Analyst, Pen Testing, IT Infrastructure, Network Engineering, or Software Development). Job-specific experience in detection engineering is not required
- Familiarity with networking principals, (e.g. routing, common protocols, firewall functionality, etc.)
- Basic understanding of Windows operating systems (e.g. versions, common exploits, understanding of registries, exposed protocols, common enumeration commands, etc.)
- Active Directory Fundamentals (e.g. basic …
This job isn't fresh anymore!
Search Fresh JobsJob Profile
- Maintain documentation
Active Directory Communication Detection engineering Google secops Networking principles Programming Project Management SIEM Sumo logic Windows OS
Experience3 - 5 years
EducationBachelor's degree Computer Science Cybersecurity Related Field
Certifications TimezonesAmerica/Anchorage America/Chicago America/Denver America/Los_Angeles America/New_York Pacific/Honolulu UTC-10 UTC-5 UTC-6 UTC-7 UTC-8 UTC-9