Lead Info Security Engineer - Detection Engineering
RO, Bucharest
6 days ago

The Team

Security, Privacy, and Continuity (SPC) is a centralized organization that secures HERE products and services, ensures best-in-class security and privacy for customers and employees, and protects the organization against physical and virtual threats.

SPC is a globally distributed team of security and privacy professionals and is growing to keep pace with HERE's expanding business and customer base.

SPC Security Detection Engineering

The SPC Security Detection Engineering team is a young, fast-growing team at HERE. Our team is building detection capabilities and making sure that HERE Technologies is able to respond to current and emerging threats in a timely manner.

We perform different threat analysis activities (Threat Intel, Threat Hunting, incident retrospective analysis) and run active simulations, in addition to executing white / grey-box assessments, so we can identify security / compliance gaps within our security controls (in that sense we act as a "Purple Team").

Based on our analysis, we can plan and implement security detections and / or escalate problems to other HERE Security teams, such as Vulnerability Management or Product Security, to improve our security quality on all layers!

In our team you will find many interesting teammates from all over the world with rich experiences in different security fields - automation, exploit development, red teaming, security engineering, forensics and more!

The role

The Security Detection Engineering team is looking for a Lead Information Security Engineer to help us further improve our detection capabilities.

  • As a Detection Engineer you will work on identifying actual threats to our networks, services and cloud infrastructure, and gaps in existing security controls;
  • Also, you will help us to raise the bar for the quality of detection and protection controls. You will do a lot of interesting activities such as data-source / logs analysis, threat hunting, TTP and attack simulations, creating automation for correlation and detection, and more.

Being in a lead role, you are expected to be an expert whose knowledge and experience will impact our threat-driven approach in Detection Engineering!

This is a dynamic role where you will meet interesting new challenges all the time!

Who are you?

  • 3+ years of experience in securing / hacking IT systems and infrastructure
  • Hands-on experience in any area of security engineering: detection, forensics, reverse-engineering or red teaming
  • Experience with SIEM / SOAR
  • Ability to write scripts, automate things and create team tools (Python, Ruby, Java, C++ or PowerShell)
  • Understanding of adversary TTPs in cloud and enterprise environments
  • The role can be done in Romania and the Czech Republic, either from our offices or from a home office

HERE is an equal opportunity employer. We evaluate applicants without regard to race, color, age, gender identity, sexual orientation, marital status, parental status, religion, sex, national origin, disability, veteran status, and other legally protected characteristics.
