Detection Engineer

Detection Engineer

Are you ready to make an impact at one of the world’s leading tech companies? HPE’s Cybersecurity team is where you can do just that We’re looking for a dynamic and experienced Detection Engineer for our Galway team. If you’re passionate about shaping the future of cybersecurity and ready for your next challenge, we’d love to hear from you.

About you:

You are skilled at researching security technologies and assessing security controls, with advanced knowledge of scripting and automation tools like Python, PowerShell, and Ansible to improve security operations and incident response. Your strong analytical and problem-solving skills enable you to tackle complex security challenges and devise effective solutions. You possess excellent leadership abilities, allowing you to influence both technical and non-technical stakeholders at all levels. You have a proven track record in designing, implementing, and managing security architectures in large, complex environments, and can manage multiple high-impact projects simultaneously in fast-paced, high-pressure settings.

Key responsibilities of the role:

1. Leverage your deep technical expertise to develop and enforce security standards, manage advanced security tools, and respond to complex security incidents.
2. Mentor junior engineers, lead strategic security initiatives, and contribute to the continuous improvement of the organization’s cybersecurity posture.
3. Build advanced detection capabilities based upon research and analysis of threat actor methodology, threat intelligence, and adversarial technique frameworks (MITRE ATT&CK).
4. Identify detection gaps in existing monitoring capabilities, by analyzing the threat landscape, past incidents, and threat intelligence reports.
5. Design and implement advanced threat-detection mechanisms, with a focus on behavioral analysis and anomaly detection.
6. Expert-level proficiency in SIEM platforms (e.g., Splunk, QRadar), SOAR platforms (e.g., Phantom, Demisto), and Data Lake technologies, with specific experience developing SIEM correlation rules, alerts, and dashboards.
7. Advanced knowledge of scripting and automation (e.g., Python, PowerShell) to develop custom detection rules and automate security processes.
8. Strong analytical and problem-solving skills, with the ability to translate complex data into actionable insights.
9. Excellent communication and leadership skills, with the ability to influence stakeholders at all levels of the organization.
10. Ability to manage multiple high-impact projects simultaneously, working effectively in a fast-paced, high-pressure environment.
11. Network security controls (e.g., firewalls, proxy, IPS/IDS).
12. Authentication and Authorization protocols.
13. Attacker Methodologies and Post Exploit Operations.
14. Active Directory/Azure AD.
15. Security Operations and Threat Intelligence.
16. Cloud Threat Detection use-case development (Azure/AWS/GCP).
17. Familiarity with GitHub and agile development methodologies.
18. Capability to write advanced regular expressions.
19. Knowledge of, and experience with Risk-Based-Alerting (RBA) concepts.
20. SOC incident response experience is a plus.
21. Strong self-motivation and time management skills required.
22. Excellent written and verbal communication skills required.
23. Well-versed in frameworks such as NIST 800-53, ISO 27001, and Zero Trust, and have a strong understanding of cloud security and Dev Sec Ops principles.

Education & Experience Requirements:

1. Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field or equivalent experience.
2. 8+ years of experience in cybersecurity, with a strong focus on security engineering, architecture, and operations.
3. Proven experience with large-scale detection engineering initiatives and managing complex security environments.
4. Certified Cloud Security Professional (CCSP), GIAC Security Expert (GSE), Offensive Security Certified Professional (OSCP), Certified Information Security Manager (CISM), or other advanced certifications relevant to cybersecurity engineering preferred certifications.

What We Can Offer You:

Health & Wellbeing: We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial, and emotional wellbeing.

Personal & Professional Development: We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have — whether you want to become a knowledge expert in your field or apply your skills to another division.

Diversity, Inclusion & Belonging: We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know diverse backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good.

#J-18808-Ljbffr