Job Expired
Title: MITRE-focused EDR Detection Engineer
Term: Contract (9+ months)
Location: Milpitas, CA (Onsite)
Job Description
Required: experience with the MITRE ATT&CK framework, ATT&CK Evaluations, and EDR detection engineering, including hands-on experience customizing and implementing an EDR solution.
Job Summary:
We are looking for a skilled EDR (Endpoint Detection and Response) Detection Engineer to focus on our preparation for the 2024 MITRE ATT&CK Enterprise evaluation. Your primary responsibility will be to evaluate and improve our EDR product's detection capabilities in preparation for the evaluation. You will leverage your experience in previous MITRE ATT&CK evaluations to identify detection coverage gaps and develop strategies to address these gaps effectively.
Key Responsibilities:
Conduct in-depth analysis of our EDR product's capabilities in the context of the 2024 MITRE ATT&CK Enterprise evaluation, focusing on its effectiveness against identified attack patterns
Conduct in-depth analysis of the malware families and techniques available through the MITRE ATT&CK website and other OSINT channels as they relate to the scope of the 2024 evaluation
Distill insights from this analysis into actionable detection coverage recommendations for our EDR solution and when applicable, our EPP solution
Build and maintain a repository of prioritized techniques and the procedures that an adversary may use to perform those techniques
Utilize insights from previous MITRE ATT&CK evaluations to optimize our detection strategies and enhance detection capabilities
Efficiently emulate attack techniques based on these analyses to test the robustness of our EDR product and measure existing detection coverage
Where gaps exist that require product improvements, partner with engineering and security researchers to design and propose technical solutions to enhance detection capabilities and close coverage gaps
Author and refine EDR detection signatures, ensuring they address the techniques and anticipated procedures
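The responsibilities above describe one loop: keep a repository of prioritized techniques and their procedures, emulate those procedures, run the detection signatures over the resulting telemetry, and report which procedures nothing fired on. The script below is an added example of that loop, not code from the posting or from any EDR product. The technique IDs are real ATT&CK Enterprise IDs; the procedure names, priorities, process-creation events and the three detection rules are constructed for illustration and are not a real product's signatures.

```python
"""Toy ATT&CK detection-coverage tracker (added example, not from the posting).

Technique IDs are real ATT&CK IDs; procedures, telemetry and rules are constructed.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    """Minimal process-creation record, the shape most EDR telemetry reduces to."""
    host: str
    image: str
    cmdline: str
    parent_image: str


# Repository of prioritized techniques and the procedures an adversary may use
# to perform them. Priority 1 = in scope and high impact (assumed values).
TECHNIQUE_REPO = {
    "T1059.001": {"name": "PowerShell", "priority": 1,
                  "procedures": ["encoded_command", "download_cradle"]},
    "T1003.001": {"name": "LSASS Memory", "priority": 1,
                  "procedures": ["procdump_lsass", "comsvcs_minidump"]},
    "T1053.005": {"name": "Scheduled Task", "priority": 2,
                  "procedures": ["schtasks_create"]},
}

# Constructed emulation telemetry: (procedure that was emulated, event it produced).
PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
EMULATION_EVENTS = [
    ("encoded_command", Event("ws1", PS, "powershell.exe -nop -w hidden -enc SQBFAFgA",
                              r"C:\Windows\explorer.exe")),
    ("download_cradle", Event("ws1", PS,
                              "powershell.exe IEX (New-Object Net.WebClient).DownloadString('http://127.0.0.1/a')",
                              r"C:\Windows\System32\cmd.exe")),
    ("procdump_lsass", Event("ws2", r"C:\Tools\procdump.exe",
                             "procdump.exe -ma lsass.exe C:\\Temp\\l.dmp", r"C:\Windows\System32\cmd.exe")),
    ("comsvcs_minidump", Event("ws2", r"C:\Windows\System32\rundll32.exe",
                               r"rundll32.exe C:\Windows\System32\comsvcs.dll, MiniDump 624 C:\Temp\l.dmp full",
                               r"C:\Windows\System32\cmd.exe")),
    ("schtasks_create", Event("ws3", r"C:\Windows\System32\schtasks.exe",
                              r'schtasks /create /sc minute /mo 5 /tn upd /tr "C:\Users\Public\u.exe"',
                              r"C:\Windows\System32\cmd.exe")),
]

# Detection signatures: rule name -> (technique it claims to cover, predicate over an Event).
# Deliberately incomplete so the gap report has something to show.
RULES = {
    "ps_encoded_command": ("T1059.001", lambda e: e.image.lower().endswith("powershell.exe")
                           and re.search(r"\s-(e|enc|encodedcommand)\s", e.cmdline, re.I) is not None),
    "procdump_lsass": ("T1003.001", lambda e: "procdump" in e.image.lower()
                       and "lsass" in e.cmdline.lower()),
    "schtasks_create": ("T1053.005", lambda e: e.image.lower().endswith("schtasks.exe")
                        and "/create" in e.cmdline.lower()),
}


def run_rules(event, rules=RULES):
    """Names of every rule whose predicate fires on the event."""
    return [name for name, (_tid, pred) in rules.items() if pred(event)]


def measure_coverage(repo=TECHNIQUE_REPO, events=EMULATION_EVENTS, rules=RULES):
    """{technique: {procedure: [rules that fired]}}.

    A rule only counts toward a procedure if it is mapped to the technique that
    procedure belongs to; a rule firing on the wrong technique is not coverage.
    """
    coverage = {tid: {p: [] for p in t["procedures"]} for tid, t in repo.items()}
    for procedure, event in events:
        for tid, t in repo.items():
            if procedure in t["procedures"]:
                fired = [r for r in run_rules(event, rules) if rules[r][0] == tid]
                coverage[tid][procedure].extend(fired)
    return coverage


def coverage_gaps(coverage, repo=TECHNIQUE_REPO):
    """(technique, procedure) pairs with no firing rule, highest priority first."""
    gaps = [(tid, p) for tid, procs in coverage.items() for p, fired in procs.items() if not fired]
    return sorted(gaps, key=lambda g: (repo[g[0]]["priority"], g[0], g[1]))


def technique_summary(coverage):
    """{technique: (procedures detected, procedures emulated)} for a scorecard."""
    return {tid: (sum(1 for f in procs.values() if f), len(procs)) for tid, procs in coverage.items()}


if __name__ == "__main__":
    cov = measure_coverage()
    for tid, (hit, total) in technique_summary(cov).items():
        print(f"{tid} {TECHNIQUE_REPO[tid]['name']}: {hit}/{total} procedures detected")
    for tid, proc in coverage_gaps(cov):
        print(f"GAP priority {TECHNIQUE_REPO[tid]['priority']}: {tid} / {proc}")
```

The gap list is the artifact to hand to product engineering: each entry names a technique, the specific procedure that was emulated, and its priority, so a "close the gap" ticket is scoped to a concrete command line rather than a whole technique. In practice the rules would be the product's real signatures and the events real EDR telemetry from the emulation run, but the attribution check (a rule counts only for the technique it is mapped to) is the part that keeps the scorecard honest.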
Qualifications:
Bachelor's degree in Computer Science, Cybersecurity, or a related field.
Minimum of 5 years of experience building detection for EDR technologies
Experience participating in MITRE ATT&CK Enterprise evaluations.
Strong understanding of cybersecurity threats, attack techniques, and the MITRE ATT&CK framework.
Excellent analytical and problem-solving skills.
Ability to communicate complex technical information clearly and concisely to diverse audiences.
Proficiency in cybersecurity tools and technologies related to EDR.
Preferred Qualifications:
Experience in programming or scripting languages (Python, PowerShell, etc.).
Experience performing detection engineering across multiple operating systems, including Windows, Linux, and macOS.
Experience building detection across non-endpoint vectors such as network and email
Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.
Date Posted: 01 May 2024