Detection Engineer

RED, on behalf of a Global Partner are searching for strong Detection Engineer for an ongoing project.

Job Title: Detection Engineer

Location: Galway, Ireland - Hybrid (2-3 days/week onsite)

Duration: 6 month

Start: ASAP

Language: English

Capacity: 5 Days per week, 8h a day

Key responsibilities of the role:

• You will leverage your deep technical expertise to develop and enforce security standards, manage advanced security tools, and respond to complex security incidents.
• You will also mentor junior engineers, lead strategic security initiatives, and contribute to the continuous improvement of the organization's cybersecurity posture.
• Build advanced detection capabilities based upon research and analysis of threat actor methodology, threat intelligence, and adversarial technique frameworks (MITRE ATT&CK).
• Identify detection gaps in existing monitoring capabilities, by analysing the threat landscape, past incidents and threat intelligence reports.
• Design and implement advanced threat-detection mechanisms, with a focus on behavioural analysis and anomaly detection.
• Expert-level proficiency in SIEM platforms (eg, Splunk, QRadar), SOAR platforms (eg, Phantom, Demisto), and Data Lake technologies, with specific experience developing SIEM correlation rules, alerts and dashboards.
• Advanced knowledge of Scripting and automation (eg, Python, PowerShell) to develop custom detection rules and automate security processes.
• Strong analytical and problem-solving skills, with the ability to translate complex data into actionable insights.
• Excellent communication and leadership skills, with the ability to influence stakeholders at all levels of the organization.
• Ability to manage multiple high-impact projects simultaneously, working effectively in a fast-paced, high-pressure environment.
• Network security controls (eg, Firewalls, Proxy, IPS/IDS).
• Authentication and Authorization protocols.
• Attacker Methodologies and Post Exploit Operations.
• Active Directory/Azure AD.
• Security Operations and Threat Intelligence.
• Cloud Threat Detection use-case development (Azure/AWS/GCP).
• Familiarity with GitHub and agile development methodologies.
• Capability to write advanced regular expressions.
• Knowledge of, and experience with Risk-Based-Alerting (RBA) concepts.
• SOC incident response experience is a plus.
• Strong self-motivation and time management skills required.
• Excellent written and verbal communication skills required.
• You are well-versed in frameworks such as NIST 800-53, ISO 27001, and Zero Trust, and have a strong understanding of cloud security and Dev Sec Ops principles.

Education & Experience Requirements:

• 8+ years of experience in cybersecurity, with a strong focus on security engineering, architecture, and operations.
• Proven experience with large-scale detection engineering initiatives and managing complex security environments.
• Certified Cloud Security Professional (CCSP), GIAC Security Expert (GSE), Offensive Security Certified Professional (OSCP), Certified Information Security Manager (CISM), or other advanced certifications relevant to cybersecurity engineering preferred certifications.

If this is something you would be interested in, please apply with an updated CV/Resume, which includes your specific experience on the above and I will be in touch to discuss this opportunity in more detail ASAP.