Threat Detection Engineer

Responsibilities

• Develop and implement threat detection rules, alerts, and dashboards using Splunk, SentinelOne, and other security tools
• Create SIGMA rules in YAML format to enhance detection capabilities
• Analyze security logs and network traffic to identify and investigate potential security incidents
• Administer applications within the security stack and streamline security processes through automation
• Maintain documentation for the security detection database and deployed rulesets
• Respond to security incidents, troubleshoot issues, and perform remediation as required
• Stay informed on the latest cyber threats, vulnerabilities, and security technologies

Requirements

• 3+ years of hands-on experience in detection engineering, security automation, or a similar role
• Experience with EDR, SIEM, and Vulnerability Management technologies
• Strong understanding of network security, operating systems, and cloud security
• Knowledge of incident response techniques
• Security certifications such as Security+ or Splunk/SIEM related certifications
• Analytical, problem-solving, and strong communication skills

Preferred Qualifications

• Bachelor's degree in Cybersecurity or a related field
• Experience with cloud security platforms (GCP, AWS, Azure)
• Proficiency with Python scripting and SIGMA rule creation
• Understanding of the MITRE ATT&CK framework
• Experience with SOAR platforms
• SANS related certifications (e.g., GMON, GCDA)

About the Company

EVERSANA is a global life sciences commercialization services company. With a team of more than 7,000 employees, we are committed to creating a healthier world by delivering next-generation services to the life sciences industry, supporting everything from innovative biotech start-ups to established pharmaceutical companies.