Threat Detection Engineer

Responsibilities

• Develop and implement threat detection rules, alerts, and dashboards using Splunk, SentinelOne, and other security tools
• Create SIGMA rules in YAML format to enhance detection capabilities
• Analyze security logs and network traffic to identify, investigate, and embed potential threats into detection logic
• Administer applications within the security stack and collaborate with the security team to enhance overall posture
• Automate security tasks and processes to increase operational efficiency
• Respond to security incidents, troubleshoot issues, and perform remediation as required
• Maintain documentation for the security detection database and deployed rulesets

Requirements

• 3+ years of hands-on experience in detection engineering, security automation, or a similar role
• Experience with EDR, SIEM, and Vulnerability Management technologies
• Strong understanding of network security, operating systems, and cloud security
• Knowledge of incident response techniques
• Security certifications such as Security+ or Splunk/SIEM related certifications
• Analytical, problem-solving, and strong communication skills

Preferred Qualifications

• Bachelor's degree in Cybersecurity or a related field
• Experience with cloud security platforms (GCP, AWS, Azure)
• Proficiency with Python scripting and SIGMA rule creation
• Understanding of the MITRE ATT&CK framework
• Experience with SOAR platforms
• SANS related certifications (e.g., GMON, GCDA)

About the Company

EVERSANA is a global life sciences commercialization services company. With a team of over 7,000 employees, we serve more than 650 clients, ranging from biotech start-ups to established pharmaceutical companies, helping to bring innovative therapies to market and support the patients who depend on them.