TENEX.AI

Threat Detection Engineer

full-time

Posted on:

Location Type: Hybrid

Location: Kansas City, Kansas; Montana; United States

About the role

  • Design, develop, implement, and maintain custom detection rules, correlation searches, and alerts within Google Security Operations (SecOps) to identify malicious activity, security incidents, and policy violations.
  • Utilize your expertise in the SecOps detection engine and YARA-L syntax to create efficient and effective detection logic.
  • Analyze large datasets of security logs and events from various sources (e.g., cloud platforms, endpoint detection and response (EDR), network devices, applications) to identify patterns and anomalies indicative of threats.
  • Stay up-to-date with the latest threat intelligence, attack techniques, and security trends to proactively develop new detection strategies.
  • Collaborate closely with Security Analysts to tune detection logic based on incident analysis and threat landscape changes.
  • Contribute to the development and maintenance of security documentation, including YARA-L rules, response strategies, playbooks, and operational procedures.
  • Participate in the evaluation and integration of new security tools and technologies.
  • Automate detection creation, threat intelligence gathering, and rule deployment.
  • Provide mentorship, training, and guidance to junior team members.

Requirements

  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field (or equivalent practical experience).
  • Minimum of 5 years of experience in a security operations role, with a strong focus on threat detection and analysis.
  • Proven experience developing and implementing YARA-L rules within Google Security Operations (SecOps) is essential.
  • Experience with threat intelligence and its integration into detection strategies.
  • Deep understanding of security principles, common attack vectors, and threat actor tactics, techniques, and procedures (TTPs).
  • Strong analytical and problem-solving skills with the ability to analyze complex security logs and identify meaningful patterns.
  • Proficiency in scripting languages such as Python or similar for automation and analysis.
  • Experience working with various security technologies and data sources, including but not limited to:
      • Cloud security platforms (e.g., GCP, AWS, Azure)
      • Endpoint Detection and Response (EDR) solutions
      • Security Information and Event Management (SIEM) systems
      • Network security devices (firewalls, intrusion detection/prevention systems)
      • Identity and Access Management (IAM) systems
  • The ability to effectively communicate technical information to both technical and non-technical audiences.
  • Ability to work independently and as part of a team in a fast-paced environment.

Benefits

  • Competitive salary and benefits package
  • Opportunity to work with cutting-edge AI-driven cybersecurity technologies and Google SecOps solutions
  • Collaborate with a talented and innovative team focused on continuously improving security operations
  • A culture of growth and development, with opportunities to expand your knowledge in AI, cybersecurity, and emerging technologies

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

YARA-L, threat detection, security analysis, data analysis, scripting, Python, automation, detection logic, incident analysis, security documentation

Soft Skills

analytical skills, problem-solving, communication, mentorship, team collaboration, independence, adaptability, training, guidance, attention to detail

Certifications

Bachelor's degree in Computer Science, Bachelor's degree in Cybersecurity, Bachelor's degree in Information Technology