Detection and Response Engineer - Remote

Overview

A Detection and Response Engineer is a critical member of the cybersecurity team, responsible for designing, implementing, and maintaining systems and methodologies for detecting and responding to cyber threats. This professional plays a central role in identifying vulnerabilities, monitoring network activities, and ensuring the organization's digital assets are safeguarded against malicious actors.

In Short

• Develop and maintain log collection, analysis, and monitoring systems to identify suspicious activities.
• Analyze network traffic, endpoint data, and system logs to detect anomalies and indicators of compromise (IoCs).
• Identify emerging threats and vulnerabilities by staying updated with the latest intelligence and threat trends.
• Collaborate with SOC analysts to investigate and respond to security incidents.
• Provide technical expertise in triaging and resolving incidents while minimizing impact on operations.
• Develop scripts and tools to automate repetitive detection tasks and enhance operational efficiency.
• Integrate detection and monitoring tools seamlessly into the company's IT infrastructure.
• Work closely with the IT, network, and development teams to ensure security best practices are implemented.
• Communicate findings and recommendations effectively to stakeholders, including non-technical audiences.
• Contribute to the creation of educational materials and workshops to train staff on cybersecurity awareness.

Requirements

• Proficiency in Microsoft tools and platforms, such as Microsoft Sentinel, Defender for Endpoint, and Microsoft Cloud App Security.
• Strong understanding of Microsoft networking protocols, Active Directory, Azure environments, and firewall configurations.
• Experience with scripting in PowerShell for automation, debugging, and enhancing Microsoft tool functionality.
• Ability to analyze complex datasets from Microsoft tools and extract actionable intelligence.
• Strong troubleshooting skills to identify root causes of potential threats within Microsoft environments.
• Minimum of 2-3 years of experience in cybersecurity, SOC operations, or a similar role.
• Relevant certifications such as Microsoft Certified: Security Operations Analyst Associate, CompTIA Security+, CEH, CISSP, or GIAC preferred.

Benefits

• Opportunity to work in a dynamic cybersecurity environment.
• Continuous learning and development opportunities.
• Collaborative team culture.
• Work remotely from anywhere.
• Supportive of diversity and inclusion in the workplace.