Senior Associate, Detection Engineer, Cyber Managed Services

2 weeks ago


United Kingdom Cyber Crime Full time
Kroll: As the leading independent provider of risk and financial advisory solutions, Kroll leverages our unique insights, data and technology to help clients stay ahead of complex demands.

In a world of disruption and increasingly complex business challenges, our professionals bring truth into focus with the Kroll Lens. Our sharp analytical skills, paired with the latest technology, allow us to give our clients clarity, not just answers, in all areas of business. We embrace diverse backgrounds and global perspectives, and we cultivate diversity by respecting, including, and valuing one another. As part of One team, One Kroll, you’ll contribute to a supportive and collaborative work environment that empowers you to excel.

Kroll’s Cyber Risk team works on over 3,000 cases a year, including some of the most complex and highest profile matters in the world. With experts based around the world, supported by ground-breaking technology, we help protect our clients’ data, people, operations and reputation with innovative assessments, investigations and intelligence. We are the only company in the world with the expertise and resources to deliver global, end-to-end cyber risk management, supporting organizations through every step of their journey toward cyber resilience.

Clients count on us for quick, expert support both in preparation for and in the event of a cyber incident: from incident response and risk assessments to complex forensics, breach notification and ID theft remediation, we help clients of all sizes respond with confidence.

At Kroll, your work will help deliver clarity to our clients’ most complex governance, risk, and transparency challenges. Apply now to join One team, One Kroll.

Role

As a Detection Engineer working within our Security Operations Centre, you will focus on implementing security monitoring, detection and response technologies across Kroll’s client base. This involves developing, testing and tuning security content (detection rules, log parsers and their supporting logic) across SIEM and EDR technologies.

RESPONSIBILITIES:

  • Develop, test and tune detections (also called use cases or rules) for the latest threats using leading SIEM and EDR technologies.
  • Identify false positives/negatives and tune detections to increase fidelity.
  • Understand the threat landscape including new/emerging threats.
  • Develop, test and tune parsers to normalise raw logs.
  • Handle requests for new detections, determine the security value of those requests and clearly explain your decision to stakeholders.
  • Be an SME on audit logging and recommend configurations to customers.
  • Improve the computational efficiency of existing content.
  • Work with customers to build effective whitelists and blacklists.
  • Understand and master data sources across a variety of categories including Windows, Linux, IAM, EDR, NGAV, NDR, Cloud Security, Email Security, Firewalls, IPS/IDS, MFA, Web Proxies, VPNs, ZTNA, Productivity Apps and CASB.
  • Collaborate with key stakeholders including Incident Response, SOC, Threat Intelligence, Offensive Security, Solutions Engineering, Platform Engineering, Project Management, Product Management, Account Management and Sales.
  • Deploy and maintain detection content at scale.
  • Document designs and processes.
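Several of the responsibilities above (writing parsers that normalise raw logs, developing and tuning detections, and building allowlists to raise fidelity) fit together in one pipeline. The following is an added illustrative example written for this page; it is not Kroll’s code or tooling. It parses constructed Linux sshd syslog lines into normalised events (ECS-style field names are a naming choice, not a client schema), runs a brute-force-then-success detection mapped to MITRE ATT&CK T1110 (Brute Force) over them, and shows how an allowlisted source is tuned out. Every log line, hostname and IP address below is constructed.

```python
"""Added example: normalise sshd syslog, detect brute force, tune with an allowlist.
All sample data is constructed; ECS-style field names are an assumption."""
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed RFC 3164-style syslog sample (no year in the timestamp).
SAMPLE_LOGS = """\
Mar  3 10:00:00 web01 systemd[1]: Started Session 12 of user alice.
Mar  3 10:00:01 web01 sshd[2201]: Failed password for invalid user admin from 203.0.113.5 port 51022 ssh2
Mar  3 10:00:02 web01 sshd[2202]: Failed password for root from 203.0.113.5 port 51023 ssh2
Mar  3 10:00:03 web01 sshd[2203]: Failed password for root from 203.0.113.5 port 51024 ssh2
Mar  3 10:00:04 web01 sshd[2204]: Failed password for root from 203.0.113.5 port 51025 ssh2
Mar  3 10:00:05 web01 sshd[2205]: Failed password for root from 203.0.113.5 port 51026 ssh2
Mar  3 10:00:09 web01 sshd[2206]: Accepted password for root from 203.0.113.5 port 51027 ssh2
Mar  3 10:05:00 web01 sshd[2300]: Failed password for deploy from 198.51.100.7 port 40001 ssh2
Mar  3 10:05:01 web01 sshd[2301]: Failed password for deploy from 198.51.100.7 port 40002 ssh2
Mar  3 10:05:02 web01 sshd[2302]: Failed password for deploy from 198.51.100.7 port 40003 ssh2
Mar  3 10:05:03 web01 sshd[2303]: Failed password for deploy from 198.51.100.7 port 40004 ssh2
Mar  3 10:05:04 web01 sshd[2304]: Failed password for deploy from 198.51.100.7 port 40005 ssh2
Mar  3 10:05:06 web01 sshd[2305]: Accepted publickey for deploy from 198.51.100.7 port 40006 ssh2
Mar  3 10:20:00 web01 sshd[2400]: Failed password for alice from 192.0.2.44 port 50001 ssh2
Mar  3 10:20:30 web01 sshd[2401]: Accepted password for alice from 192.0.2.44 port 50002 ssh2
"""

SYSLOG_RE = re.compile(
    r"^(?P<mon>[A-Z][a-z]{2})\s+(?P<day>\d{1,2})\s+(?P<time>\d{2}:\d{2}:\d{2})\s+"
    r"(?P<host>\S+)\s+sshd\[\d+\]:\s+(?P<msg>.*)$")
AUTH_RE = re.compile(
    r"^(?P<outcome>Accepted|Failed) (?P<method>\w+) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port (?P<port>\d+)")


def parse_line(line):
    """Parser: turn one sshd auth line into a normalised event dict.
    Returns None for lines this parser does not cover (other daemons, noise)."""
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    a = AUTH_RE.match(m["msg"])
    if not a:
        return None
    # Syslog carries no year; strptime defaults to 1900, which is fine for
    # relative windowing inside a single batch.
    ts = datetime.strptime(f"{m['mon']} {int(m['day'])} {m['time']}", "%b %d %H:%M:%S")
    return {
        "@timestamp": ts,
        "host.name": m["host"],
        "event.outcome": "success" if a["outcome"] == "Accepted" else "failure",
        "user.name": a["user"],
        "source.ip": a["ip"],
        "source.port": int(a["port"]),
        "auth.method": a["method"],
    }


def parse_logs(text):
    """Normalise a batch of raw lines, silently dropping unparsed ones."""
    return [e for e in (parse_line(line) for line in text.splitlines()) if e]


def detect_brute_force(events, threshold=5, window_seconds=60, allowlist=frozenset()):
    """Detection (ATT&CK T1110): a source that produces >= threshold failures
    within window_seconds and then succeeds. allowlist holds source IPs that
    have been tuned out after review (e.g. an authorised scanner)."""
    alerts = []
    by_ip = defaultdict(list)
    for e in sorted(events, key=lambda e: e["@timestamp"]):
        by_ip[e["source.ip"]].append(e)
    for ip, evs in by_ip.items():
        if ip in allowlist:
            continue  # tuning: known-good source, suppress rather than alert
        recent_failures = deque()  # timestamps of failures inside the trailing window
        for e in evs:
            while recent_failures and (e["@timestamp"] - recent_failures[0]).total_seconds() > window_seconds:
                recent_failures.popleft()
            if e["event.outcome"] == "failure":
                recent_failures.append(e["@timestamp"])
            elif len(recent_failures) >= threshold:
                alerts.append({
                    "rule": "ssh_brute_force_then_success",
                    "technique": "T1110",
                    "host.name": e["host.name"],
                    "source.ip": ip,
                    "user.name": e["user.name"],
                    "failure_count": len(recent_failures),
                    "first_failure": recent_failures[0],
                    "success_at": e["@timestamp"],
                })
                recent_failures.clear()
    return alerts


if __name__ == "__main__":
    evs = parse_logs(SAMPLE_LOGS)
    # Constructed allowlist entry: 198.51.100.7 is treated as an approved scanner.
    for alert in detect_brute_force(evs, allowlist=frozenset({"198.51.100.7"})):
        print(alert)
```

Run as a script it prints one alert, for 203.0.113.5. Without the allowlist it would also fire on 198.51.100.7, which is the kind of false positive the tuning responsibility above is about; the single typo-then-login from 192.0.2.44 never fires because it does not reach the failure threshold. In a real deployment the same logic would be expressed in the SIEM or EDR query language; a small reference implementation like this, run over constructed lines, is a convenient way to test a rule’s threshold and window semantics before shipping it.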

REQUIREMENTS:

  • Familiar with prevailing threats and how to mitigate them using SIEM and/or EDR.
  • Understanding of Windows Event Logs, Linux syslog or EDR telemetry.
  • Experience writing or tuning detections for SIEM or EDR technologies.
  • Familiarity with the MITRE ATT&CK framework.
  • Understand security principles and practices.
  • Proven capability to learn and deliver to a high standard within deadlines.
  • Strong organisational skills and an ability to appropriately prioritise tasks.
  • Ability to relay complex technical subject matter to non-technical stakeholders.
  • Demonstrable analytical and technical aptitude with focus on identifying and alleviating the root cause of a problem.
  • Proven ability to thrive and respond to frequent demands of multiple constituents, both internal and external, in a high demand, customer-centric environment.
  • Proficiency in a scripting language preferred.

Location

  • London or UK Remote.

Kroll offers flexible working, a great benefits package and excellent opportunities for career and personal development.

In order to be considered for a position at Kroll, you must formally apply via careers.kroll.com.

Kroll is committed to equal opportunity and diversity, and recruits people based on merit.
