Develop, test, and maintain detection rules and logic across SIEM, EDR, and other security platforms.
Identify and implement detection use cases based on emerging threats and TTPs, leveraging the MITRE ATT&CK framework.
Analyze security data to identify trends, anomalies and potential threats.
Collaborate with incident response teams to validate and refine detection mechanisms.
Optimize detection rules to reduce false positives while ensuring accurate threat identification.
Perform threat hunting and contribute to adversary emulation exercises.
Integrate threat intelligence into detection workflows to stay ahead of emerging threats.
Document and maintain playbooks, detection logic, and response procedures.
Work closely with stakeholders to align detection strategies with business objectives.
Key Competencies:
Strong analytical and problem-solving skills.
Effective communication and documentation abilities.
Ability to collaborate in a team-oriented environment.
