Talent.com
Lead Detection Engineer

GXS Bank, Petaling Jaya, Selangor, Malaysia
18 hours ago
Job description

The incumbent will be responsible for designing, implementing, and maintaining security detection capabilities across our organization's infrastructure and applications. This role bridges security operations and development teams to build automated, scalable detection systems that identify potential security threats early. Working within a DevSecOps framework, the Detection Engineer will help embed security throughout the development lifecycle while maintaining robust threat detection capabilities in production environments.

Key Responsibilities:

  • Design and implement detection rules and alerts across security tools including SIEM, EDR, and cloud security platforms
  • Create reproducible detection engineering workflows using infrastructure as code and CI / CD pipelines
  • Develop and maintain security monitoring use cases based on current threat intelligence and known attack patterns
  • Implement Detection as Code practices to version control, test, and deploy detection rules
  • Configure and optimize SIEM and SOAR platforms to improve detection capabilities and response workflows
  • Conduct threat hunting activities to proactively identify potential security incidents
  • Reduce false positives through continuous tuning and refinement of detection capabilities
  • Collaborate with development teams to integrate security monitoring into application architecture
  • Automate security response workflows for common threat scenarios
  • Document detection strategies, processes, and procedures
  • Review and validate security alerts to determine appropriate response actions
  • Stay current with emerging threats and attack techniques

Knowledge:

  • Advanced understanding of attack methodologies, TTPs, and the MITRE ATT&CK framework
  • Deep familiarity with log sources and event data across operating systems, network devices, and cloud platforms
  • Comprehensive knowledge of security monitoring technologies (SIEM, EDR, NDR, XDR)
  • Strong understanding of SIEM architecture, rule development, and SOAR playbook creation
  • Proficiency in Amazon Web Services infrastructure, services, and security controls
  • Understanding of Detection as Code methodologies and best practices
  • Understanding of common security frameworks (NIST, CIS, ISO 27001)
  • Awareness of DevOps principles and CI / CD workflows
  • Knowledge of compliance requirements relevant to the organization's industry
  • Understanding of cloud security architecture in major platforms (AWS, Azure, GCP)

Skills:

  • Proven experience implementing and managing SIEM solutions (e.g., Splunk, Elastic, QRadar, Microsoft Sentinel)
  • Demonstrated experience with SOAR platforms and automated response workflows
  • Hands-on experience with AWS security services (GuardDuty, Security Hub, CloudTrail, CloudWatch)
  • Proficiency in Detection as Code practices using tools like Panther, Sigma, or similar frameworks
  • Experience building, testing, and deploying detection rules through CI / CD pipelines
  • Proficiency in at least one programming language such as Python, Go, or PowerShell
  • Experience with infrastructure as code tools (Terraform, CloudFormation, etc.)
  • Strong data analysis and pattern recognition abilities
  • Expertise in log parsing, normalization, and correlation techniques
  • Experience with query languages used in security tools (KQL, SPL, etc.)
  • Ability to develop and implement detection logic using YARA, Sigma, or similar rule formats
  • Practical experience with Git and version control for detection rule management
  • Skilled in using and integrating APIs for security tooling
  • Strong documentation and technical writing abilities
  • Excellent communication skills to explain complex security concepts to various stakeholders