Threat Defense Engineer

  • Warszawa, POLAND
  • IT development

Job description

Overview

Threat Defense Engineer is a member of the Information Security organization, reporting to Global Threat Defense Senior Manager. This is a role based in Warsaw and requires being in the office (near Dworzec Wilenski metro station) at least once a week.

Responsibilities

·  design and implement detection scenarios for cyber security threats; include recommendations from external and internal intelligence sources
·  work in a sub-team to improve detection coverage for a given functional area (endpoint, cloud or network team)
·  (optional – requires development skills) provide support for the analysis, development and integration of Automation Platform / SOAR capabilities, along with providing technical expertise to users of the platform

Sample tasks:

·  define a Splunk / Kusto query for a detection idea provided by the Cyber Threat Intelligence team
·  collect event statistics, identify false positives and perform gap analysis to improve a detection rule
·  review a security solution and propose its integration to boost detection capabilities
·  suggest changes to the current security solution configuration to improve its prevention and detection capabilities
·  meet with an Incident Response team member and plan the implementation of new detections to fulfill post-incident lessons-learned recommendations
·  (optional – requires development skills) write Python code for the Automation Platform to automate incident response tasks

Qualifications

·  2+ years of information security experience (Security Operation Center, application security, blue team or red team operations)
·  understanding of Security Information and Log Management concepts, including custom applications and integrations to improve observability
·  ability to describe and respond to MITRE ATT&CK techniques from a detection perspective
·  knowledge of attack patterns against enterprise infrastructure or applications
·  knowledge of Linux command line environment (awk, sed, grep, etc.) or Windows equivalent (PowerShell)
·  highly proficient in spoken and written English
·  nice to have: knowledge of Microsoft Azure / Amazon AWS cloud technologies
·  optional: knowledge of programming/scripting languages (Python is preferred), understanding of API concepts in security products

Technologies:

Splunk, GitHub, Azure DevOps, Python, Azure, AWS