Senior Cyber Detection Engineer
3 weeks ago
You will be one of the team's subject matter experts on SIEM as well as cloud technologies. You will help mature how JPMC utilizes multiple SIEM solutions (primarily Splunk) for various use-cases within Cyber Operations. The ideal candidate will be someone with previous SOC and cloud experience who enjoys researching TTPs and the threat landscape and translating that research data into high quality detections. Your role involves actively seeking effective and comprehensive detection strategy and capabilities, ensuring detections are thoroughly tested, alerts are relevant, of value and playbooks are available to and understood by cybersecurity operations teams.
As one of the team’s specialists on cloud technologies, you will work to mature the Attack Analysis team in how we secure, monitor and respond to incidents in both private and public cloud environments. You will work with internal security engineering and cloud engineering teams to ensure that Attack Analysis requirements are represented in the architecture, design and implementation of cloud environments. You'll help design, write and automate detection and incident response processes and tools for public and private cloud environments.
Working in cybersecurity takes passion for technology, speed, a desire to learn, and vigilance in order to keep every asset safe. You'll be on the front lines of innovation, working with a highly motivated team focused on analyzing, designing, developing and delivering solutions built to stop adversaries and strengthen our operations. Your research and work will ensure stability, capacity and resiliency of our products. Working with your internal team, as well as technologists and innovators across our global network, your ability to identify threats, provide intelligent analysis and positive actions will stop crimes and strengthen our data.
As a member of the Attack Analysis team, you will fit into a Global team providing 24/7 monitoring and Incident Response , acting as the frontline for attacks against the firms' infrastructure. As a Detection Engineer, your role will include advanced analysis, threat hunting, evaluation of new security technology as well as ensuring larger technology projects at the company are ready to be integrated into the Attack Analysis team and monitoring function. There is also an emphasis on coaching and mentoring in this role; you'll work to bring up the technical expertise of the entire team around you. This could include running training sessions for the team in range or virtual environments, leading hunting exercises, serving as a technical escalation point and coaching the team through adopting monitoring responsibility.
Key areas of focus include: Public/Private Cloud Engineering and Incident Response,Detection Engineering, Threat Modelling.Hands-on experience withat least 1 cloud platform (AWS, Azure, GCP) is required.
Primary Qualifications
- Min. 6 years of working experience with at least 4 years of hands-on experience in Security Operations and Incident Response or Computer Network Operations (CNO) or Computer Network Defense (CND).
- Hands-on experience with at least 1 cloud platform (AWS, Azure, GCP) including infrastructure, security and cloud APIs.
- Bachelor’s degree in Computer Science, Information Security, Digital Forensics or equivalent qualification.
- Excellent written and verbal communication skills to describe security event details and technical analysis with audiences within the cybersecurity organization and other technology groups.
- Strong collaboration and stakeholder engagement skills.
- Experience with the creation and tuning of alerting rules from a SIEM and other devices in response to changing threats.
- Ability to research TTPs and develop high fidelity detections in various tools/languages including but not limited to: Splunk, CrowdStrike, Azure Sentinel, Suricata, Snort.
- Ability to use data science and analytical skills to identify anomalies over large datasets.
- Experience with log analysis and correlation of large datasets from multiple data sources to identify and investigate attack patterns.
- Experience with threat hunting on a large, enterprise network both as an individual and leading hunting exercises with other team members.
- Ability to perform packet-level analysis and strong understanding of common network protocols and the OSI model.
- Experience using scripting languages (Python, Powershell, Bash, etc.) to parse machine-generated data, interact with REST APIs and automate repetitive tasks.
Additional Technical Qualifications
- Experience with regular expressions and their applications.
- Experience with Digital Forensics & Incident Response processes including memory & file system analysis methodologies.
- Experience with analyzing Endpoint Detection & Response (EDR) telemetry and excellent knowledge of operating system internals (Windows, Linux, macOS).
- Knowledge with command line tools across Windows and Linux.
- Familiarity with malware analysis (both static and dynamic), binary triage, and file format analysis.
You will be one of the team's subject matter experts on SIEM as well as cloud technologies. You will help mature how JPMC utilizes multiple SIEM solutions (primarily Splunk) for various use-cases within Cyber Operations. The ideal candidate will be someone with previous SOC and cloud experience who enjoys researching TTPs and the threat landscape and translating that research data into high quality detections. Your role involves actively seeking effective and comprehensive detection strategy and capabilities, ensuring detections are thoroughly tested, alerts are relevant, of value and playbooks are available to and understood by cybersecurity operations teams.
As one of the team’s specialists on cloud technologies, you will work to mature the Attack Analysis team in how we secure, monitor and respond to incidents in both private and public cloud environments. You will work with internal security engineering and cloud engineering teams to ensure that Attack Analysis requirements are represented in the architecture, design and implementation of cloud environments. You'll help design, write and automate detection and incident response processes and tools for public and private cloud environments.
Working in cybersecurity takes passion for technology, speed, a desire to learn, and vigilance in order to keep every asset safe. You'll be on the front lines of innovation, working with a highly motivated team focused on analyzing, designing, developing and delivering solutions built to stop adversaries and strengthen our operations. Your research and work will ensure stability, capacity and resiliency of our products. Working with your internal team, as well as technologists and innovators across our global network, your ability to identify threats, provide intelligent analysis and positive actions will stop crimes and strengthen our data.
As a member of the Attack Analysis team, you will fit into a Global team providing 24/7 monitoring and Incident Response , acting as the frontline for attacks against the firms' infrastructure. As a Detection Engineer, your role will include advanced analysis, threat hunting, evaluation of new security technology as well as ensuring larger technology projects at the company are ready to be integrated into the Attack Analysis team and monitoring function. There is also an emphasis on coaching and mentoring in this role; you'll work to bring up the technical expertise of the entire team around you. This could include running training sessions for the team in range or virtual environments, leading hunting exercises, serving as a technical escalation point and coaching the team through adopting monitoring responsibility.
Key areas of focus include: Public/Private Cloud Engineering and Incident Response,Detection Engineering, Threat Modelling.Hands-on experience withat least 1 cloud platform (AWS, Azure, GCP) is required.
Primary Qualifications
- Min. 6 years of working experience with at least 4 years of hands-on experience in Security Operations and Incident Response or Computer Network Operations (CNO) or Computer Network Defense (CND).
- Hands-on experience with at least 1 cloud platform (AWS, Azure, GCP) including infrastructure, security and cloud APIs.
- Bachelor’s degree in Computer Science, Information Security, Digital Forensics or equivalent qualification.
- Excellent written and verbal communication skills to describe security event details and technical analysis with audiences within the cybersecurity organization and other technology groups.
- Strong collaboration and stakeholder engagement skills.
- Experience with the creation and tuning of alerting rules from a SIEM and other devices in response to changing threats.
- Ability to research TTPs and develop high fidelity detections in various tools/languages including but not limited to: Splunk, CrowdStrike, Azure Sentinel, Suricata, Snort.
- Ability to use data science and analytical skills to identify anomalies over large datasets.
- Experience with log analysis and correlation of large datasets from multiple data sources to identify and investigate attack patterns.
- Experience with threat hunting on a large, enterprise network both as an individual and leading hunting exercises with other team members.
- Ability to perform packet-level analysis and strong understanding of common network protocols and the OSI model.
- Experience using scripting languages (Python, Powershell, Bash, etc.) to parse machine-generated data, interact with REST APIs and automate repetitive tasks.
Additional Technical Qualifications
- Experience with regular expressions and their applications.
- Experience with Digital Forensics & Incident Response processes including memory & file system analysis methodologies.
- Experience with analyzing Endpoint Detection & Response (EDR) telemetry and excellent knowledge of operating system internals (Windows, Linux, macOS).
- Knowledge with command line tools across Windows and Linux.
- Familiarity with malware analysis (both static and dynamic), binary triage, and file format analysis.
We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs. Visit ourFAQs for more information about requesting an accommodation. Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
#J-18808-Ljbffr-
Senior Cyber Detection Engineer
3 days ago
London, United Kingdom JPMorgan Chase & Co. Full timeSenior Cyber Detection Engineer – Cloud Technical Lead You will be one of the team's subject matter experts on SIEM as well as cloud technologies. You will help mature how JPMC utilizes multiple SIEM solutions (primarily Splunk) for various use-cases within Cyber Operations. The ideal candidate will be someone with previous SOC and cloud experience who...
-
Senior Cyber Detection Engineer
2 weeks ago
London, United Kingdom JPMorgan Chase & Co. Full timeSenior Cyber Detection Engineer – Cloud Technical Lead You will be one of the team's subject matter experts on SIEM as well as cloud technologies. You will help mature how JPMC utilizes multiple SIEM solutions (primarily Splunk) for various use-cases within Cyber Operations. The ideal candidate will be someone with previous SOC and cloud experience who...
-
Senior Cyber Detection Engineer
3 days ago
London, United Kingdom JPMorgan Chase & Co. Full timeSenior Cyber Detection Engineer – Cloud Technical Lead You will be one of the team's subject matter experts on SIEM as well as cloud technologies. You will help mature how JPMC utilizes multiple SIEM solutions (primarily Splunk) for various use-cases within Cyber Operations. The ideal candidate will be someone with previous SOC and cloud experience...
-
Senior Cyber Detection Engineer
3 weeks ago
London, United Kingdom JPMorgan Chase & Co. Full timeSenior Cyber Detection Engineer – Cloud Technical Lead You will be one of the team's subject matter experts on SIEM as well as cloud technologies. You will help mature how JPMC utilizes multiple SIEM solutions (primarily Splunk) for various use-cases within Cyber Operations. The ideal candidate will be someone with previous SOC and cloud experience...
-
Cyber Defence Lead Detection Engineer
5 days ago
London, United Kingdom Live Nation (Music) UK Limited Full timeCyber Defence Lead Detection Engineer page is loaded Cyber Defence Lead Detection Engineer Apply locations Farringdon, London, United Kingdom time type Full time posted on Posted 2 Days Ago job requisition id JR-63169 Job Summary: Company: Live Nation Entertainment Department: Trust and Security Location: UK, remote Reports to: Senior Manager of...
-
Detection Engineer
6 days ago
London, United Kingdom Trident Search Full timeTrident Search have partnered with a company who pride themselves on being ahead of the curve when it comes to cyber security. The client works in the financial sector so its vital they remain at the forefront of the industry, to protect their clients data and their funds. They are looking for an autonomous detection engineer to join their global team....
-
Sr. Sales Systems Engineer
4 weeks ago
London, United Kingdom Stellar Cyber Full timeStellar Cyber is a fast-growing Cybersecurity company focused on delivering holistic cyberattack protection to organizations while significantly reducing total costs of ownership with its innovative Open XDR (eXtended Detection and Response) platform based on advanced ML and security technologies. Stellar Cyber has been recognized by Gartner as one of the...
-
London, United Kingdom JPMorgan Chase & Co. Full timeYou will be one of the team's subject matter experts on SIEM as well as cloud technologies. You will help mature how JPMC utilizes multiple SIEM solutions (primarily Splunk) for various use-cases within Cyber Operations. The ideal candidate will be someone with previous SOC and cloud experience who enjoys researching TTPs and the threat landscape and...
-
Cyber Defence Lead Detection Engineer
1 month ago
London, United Kingdom Live Nation (Music) UK Limited Full timeDescription A Live Nation Entertainment, our goal is to maintain the trust and confidence of our fans, artists, employees and partners. Combined with maintaining the highest level of data security, our handling of information is designed to put the individual in control, ensuring that we handle their information in a way that best serves them and...
-
Senior Cyber Detection Engineer
2 weeks ago
London, United Kingdom JPMorgan Chase & Co. Full timeYou will be one of the team's subject matter experts on SIEM as well as cloud technologies. You will help mature how JPMC utilizes multiple SIEM solutions (primarily Splunk) for various use-cases within Cyber Operations. The ideal candidate will be someone with previous SOC and cloud experience who enjoys researching TTPs and the threat landscape and...
-
Cyber Security Engineer
1 month ago
London, United Kingdom TRIA Full timeSenior Cyber Security Engineer Outside IR35 - Negotiable Flexible working - 1 day per month onsite in London We are representing a global decentralised organisation who are going through tremendous amounts of transformation (over 100 sites, 100,000 users, 14,000 employees). They are looking for an experienced Cyber Security Analyst to help transform...
-
Sr. Sales Systems Engineer
3 weeks ago
London, United Kingdom Stellar Cyber Inc. Full timeStellar Cyber is a fast-growing Cybersecurity company focused on delivering holistic cyberattack protection to organizations while significantly reducing total costs of ownership with its innovative Open XDR (eXtended Detection and Response) platform based on advanced ML and security technologies. Stellar Cyber has been recognized by Gartner as one of...
-
Lead Cyber Risk Analyst
5 days ago
London, United Kingdom The Engineer Full timeLocation: Various - We offer a range of flexible working arrangements - please speak to your recruiter about the options for this role. Salary: £60,000+ Depending on experience What you'll be doing: Lead on developing the risk management data strategy; identifying potential data sources and approaches to connecting and exploiting the data to...
-
Senior Cyber Detection Engineer
3 days ago
London, United Kingdom JPMorgan Chase & Co. Full timeThis job is brought to you by Jobs/Redefined, the UK's leading over-50s age inclusive jobs board. Job Description You will be one of the team's subject matter experts on SIEM as well as cloud technologies. You will help mature how JPMC utilizes multiple SIEM solutions (primarily Splunk) for various use-cases within Cyber Operations. The ideal...
-
Senior Cyber Detection Engineer
4 weeks ago
London, United Kingdom JPMorgan Chase & Co. Full timeThis job is brought to you by Jobs/Redefined, the UK's leading over-50s age inclusive jobs board. Job Description You will be one of the team's subject matter experts on SIEM as well as cloud technologies. You will help mature how JPMC utilizes multiple SIEM solutions (primarily Splunk) for various use-cases within Cyber Operations. The ideal...
-
Cyber Security Engineer
4 weeks ago
London, United Kingdom Digital Waffle Full timeCyber Security EngineerLondon (Hybrid)£75,000 - £85,000k (DOE)Digital Waffle is looking for a Cyber Security Engineer to join a global leading law firm. You will play a key role in safeguarding their digital assets and infrastructure from cyber threats. You will be responsible for designing, implementing, and maintaining security solutions to protect...
-
Security Engineer Network
3 days ago
London, United Kingdom Cyber Crime Full timeMeta Security is looking for an Incident Response Engineer with experience in the identification, containment and mitigation of security incidents. You will be analyzing different data sources to detect, investigate and respond to internal and external threats. You will also be working with our software and production engineering teams to develop scalable...
-
Security Engineer Network
3 days ago
London, United Kingdom Cyber Crime Full timeMeta Security is looking for an Incident Response Engineer with experience in the identification, containment and mitigation of security incidents. You will be analyzing different data sources to detect, investigate and respond to internal and external threats. You will also be working with our software and production engineering teams to develop scalable...
-
Graduate Cyber Security Engineer
5 days ago
City of London, United Kingdom Client Server Ltd. Full time**Graduate Cyber Security Engineer / Analyst London / WFH to £60k** Are you a Computer Science graduate with a strong interest in Cyber Security and Penetration Testing? You could be establishing your career at a rapidly expanding scale-up software house that is developing a highly complex network cyber security platform, working on Greenfield projects...
-
Senior Cyber Security Consultant
3 weeks ago
London, United Kingdom BMT Full timeCyber security consultant - technologies We exist to navigate the most important and impactful engineering challenges of our time. Through our projects and operations, we seek to create positive economic, social, and environmental outcomes, inspiring and helping our customers, suppliers, and partners to have a more positive impact in the world. We are...