Cyber Detection & Automation Engineer (WA)

mid

EngineeringAutomation Engineer

0 views0 saves0 applied

Apply Now

Quick Summary

Overview

function googleTranslateElementInit() { new google.translate.TranslateElement({pageLanguage: 'en'}, 'google_translate_element'); } Cyber Detection & Automation Engineer (WA)…

Requirements Summary

• Bachelor’s degree in cybersecurity, computer science, information technology, or related field. • 5+ years in cybersecurity, with 3+ years specifically in detection and automation engineering.

Technical Tools

awsazurejavascriptpythonci-cdcybersecurityrest-apis

Job description:

• Design, implement and automate high-fidelity detection rules using SIEM, EDR, and other telemetry sources (e.g. Sentinel, Defender, AWS, etc.) to improve efficiency and accuracy.

• Monitor and tune alerts to reduce false positives and improve signal-to-noise ratio.

• Regularly test and validate detection content to ensure its effectiveness and accuracy.

• Create documentation and knowledge transfer materials for detections and engineering processes.

• Perform gap analysis and continuously improve detection coverage, accuracy, and resilience.

• Design and develop security automations workflows using SOAR (Security Orchestration, Automation, and Response) primarily using Microsoft Sentinel/Logic Apps.

• Build and maintain custom integrations with SIEM, EDR, Threat Intel feeds, ticketing systems, and other SOC tools.

• Automate repetitive SOC tasks such as alert triage, enrichment, IOC lookups, and ticket creation.

• Develop dashboards or utilities to improve visibility and operational insights into SOC metrics.

• Collaborate with security operations center analysts & threat intelligence to stay ahead of evolving adversary tactics (MITRE ATT&CK-based).

• Create and update relevant runbooks, playbooks and other necessary documentation around detection rules and attacker TTP's.

• Prepare and present detailed reports on detection/automation activities, findings, and improvements to senior management.

Requirements

~2 min read

• Bachelor’s degree in cybersecurity, computer science, information technology, or related field.

• 5+ years in cybersecurity, with 3+ years specifically in detection and automation engineering.

• Proficiency in writing detection logic using KQL, SPL or other relevant query languages.

• Experience with query languages such as KQL, SPL and scripting languages (Bash, PowerShell, Python, JavaScript)

• Proficient in developing automations using SOAR platforms, specifically Microsoft Sentinel/Logic Apps

• Understanding of SOC operations, incident response workflows, and threat detection techniques.

• Experience with RESTful APIs and integration of third-party tools. • Experience building advanced analytics (ML) and developing AI agents/tools • Experience in a cloud-first or hybrid cloud environment (preferably AWS and Azure).

• Strong, practical knowledge of the MITRE ATT&CK framework, and how to map adversary behaviors to telemetry for detection design.

• Deep understanding of attacker TTPs, threat modeling, and detection methodologies.

• Familiarity with version control (Git), CI/CD pipelines, and infrastructure as code concepts.

• Experience in using security orchestration, automation, and response tools. • Strong analytical skills to analyze large volumes of data and identifying potential threats, patterns.

• The ability to effectively communicate both verbally and in writing to audiences of different technical skill levels.

• Relevant certifications such as:

o Microsoft SC-200, Azure Security Engineer Associate

o AWS Certified Security – Specialty

o GIAC (GCIA, GCTI, GDAT), CISSP, or CISM

Department: Preferred Vendors
This is a contract position

Visit Careers at CEDENT

Subscribe to be notified of new jobs

If we don't have an open position that fits you, feel free to subscribe to our Talent Team email! Enter your name, email address and position(s) you're interested in, and whenever we open a new position matching your criteria we'll notify you immediately.