MITRE-Focused EDR Detection Engineer

Milpitas, California

Diverse Lynx
Title: MITRE-focused EDR Detection Engineer

Term: Contract

Location: Milpitas, CA (Onsite)

Job Description

Required: experience with the MITRE ATT&CK framework, ATT&CK Evaluations, and EDR detection engineering.

Candidates must have hands-on experience customizing and implementing an EDR solution.

Job Summary:

We are looking for a skilled EDR (Endpoint Detection and Response) Detection Engineer to focus on our preparation for the 2024 MITRE ATT&CK Enterprise Evaluation. Your primary responsibility will be to evaluate and improve our EDR product's detection capabilities ahead of the evaluation. You will leverage your experience in previous MITRE ATT&CK Evaluations to identify detection coverage gaps and develop strategies to close them.

Key Responsibilities:

Conduct in-depth analysis of our EDR product's capabilities in the context of the 2024 MITRE ATT&CK Enterprise Evaluation, focusing on its effectiveness against the attack patterns in scope

Conduct in-depth analysis of the malware families and techniques documented on the MITRE ATT&CK website and through other OSINT channels as they relate to the scope of the 2024 evaluation

Distill insights from this analysis into actionable detection coverage recommendations for our EDR solution and when applicable, our EPP solution

Build and maintain a repository of prioritized techniques and the procedures that an adversary may use to perform those techniques

Utilize insights from previous MITRE ATT&CK Evaluations to optimize our detection strategies and enhance detection capabilities

Efficiently emulate attack techniques based on these analyses to test the robustness of our EDR product and measure existing detection coverage

Where gaps exist that require product improvements, partner with engineering and security researchers to design and propose technical solutions to enhance detection capabilities and close coverage gaps

Author and refine EDR detection signatures, ensuring they address the techniques and anticipated procedures
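
The coverage-measurement and gap-prioritization work described in the responsibilities above, as an added example that is not part of this posting and not any vendor's EDR product code: a small Python tracker over a constructed repository of ATT&CK techniques and the procedures emulated for each. The technique IDs are real ATT&CK IDs; the procedures, priorities and recorded detection results are made up for illustration, and the detection tiers, repository layout and function names are assumptions of this example.

```python
"""Detection-coverage tracker for ATT&CK Evaluation preparation.

Added example, not from the job posting and not any vendor's product code.
It assumes a hypothetical repository layout: each ATT&CK technique carries a
priority and the procedures (concrete ways an adversary performs it) to
emulate; each procedure records the best detection the EDR produced on the
last emulation run. All procedure data and results below are constructed.
"""
from dataclasses import dataclass

# Detection quality tiers, weakest to strongest. The labels loosely follow
# categories ATT&CK Evaluations have used; only the ordering matters here.
TIERS = ["None", "Telemetry", "General", "Tactic", "Technique"]
RANK = {tier: i for i, tier in enumerate(TIERS)}


@dataclass
class Procedure:
    description: str
    result: str  # one of TIERS, observed on the last emulation run


@dataclass
class Technique:
    technique_id: str
    name: str
    priority: int  # 1 = highest; set from evaluation scope and OSINT analysis
    procedures: list


# Constructed sample repository (technique IDs are real ATT&CK IDs; the
# procedures, priorities and results are made up for illustration).
REPOSITORY = [
    Technique("T1059.001", "PowerShell", 1, [
        Procedure("powershell.exe -EncodedCommand from a scheduled task", "Technique"),
        Procedure("System.Management.Automation loaded by a non-PowerShell host", "Telemetry"),
    ]),
    Technique("T1003.001", "LSASS Memory", 1, [
        Procedure("procdump.exe -ma lsass.exe", "Technique"),
        Procedure("MiniDumpWriteDump called from a custom binary", "None"),
    ]),
    Technique("T1053.005", "Scheduled Task", 2, [
        Procedure("schtasks.exe /create with a remote /S target", "Tactic"),
    ]),
    Technique("T1047", "Windows Management Instrumentation", 3, [
        Procedure("wmic.exe process call create", "General"),
        Procedure("Win32_Process.Create via Invoke-CimMethod", "General"),
    ]),
]


def procedure_coverage(repo, min_tier="Tactic"):
    """Fraction of all procedures whose result is at least min_tier."""
    results = [p.result for t in repo for p in t.procedures]
    covered = sum(RANK[r] >= RANK[min_tier] for r in results)
    return covered / len(results)


def technique_coverage(repo, min_tier="Tactic", require_all=True):
    """Fraction of techniques covered at min_tier.

    require_all=True counts a technique only when every procedure meets the
    bar; require_all=False counts it when any procedure does. The difference
    between the two numbers is the coverage a technique-level tally hides.
    """
    def covered(t):
        ranks = [RANK[p.result] for p in t.procedures]
        return (min(ranks) if require_all else max(ranks)) >= RANK[min_tier]
    return sum(covered(t) for t in repo) / len(repo)


def prioritized_gaps(repo, min_tier="Technique"):
    """Technique IDs with at least one procedure below min_tier, ordered by
    technique priority, then by the weakest procedure result."""
    gaps = []
    for t in repo:
        weakest = min(RANK[p.result] for p in t.procedures)
        if weakest < RANK[min_tier]:
            gaps.append((t.priority, weakest, t.technique_id))
    return [tid for _, _, tid in sorted(gaps)]


if __name__ == "__main__":
    print(f"procedures at Tactic or better: {procedure_coverage(REPOSITORY):.0%}")
    print(f"techniques (any procedure):     {technique_coverage(REPOSITORY, require_all=False):.0%}")
    print(f"techniques (all procedures):    {technique_coverage(REPOSITORY):.0%}")
    for tid in prioritized_gaps(REPOSITORY):
        t = next(x for x in REPOSITORY if x.technique_id == tid)
        weak = [p.description for p in t.procedures if RANK[p.result] < RANK["Technique"]]
        print(f"gap: {tid} {t.name} (priority {t.priority}): {'; '.join(weak)}")
```

The point of keeping results per procedure rather than per technique is the caveat the responsibilities hint at: on the constructed data, three of four techniques look covered at Tactic level if any procedure counts, but only one of four is covered when every procedure must be, and the evaluation scores each emulated step individually. Tracking the procedure, not just the technique ID, is what keeps the gap list honest and lets the prioritized output feed directly into signature work and engineering requests.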

Qualifications:

Bachelor's degree in Computer Science, Cybersecurity, or a related field.

Minimum of 5 years of experience building detections for EDR technologies.

Experience participating in MITRE ATT&CK Enterprise Evaluations.

Strong understanding of cybersecurity threats, attack techniques, and the MITRE ATT&CK framework.

Excellent analytical and problem-solving skills.

Ability to communicate complex technical information clearly and concisely to diverse audiences.

Proficiency in cybersecurity tools and technologies related to EDR.

Preferred Qualifications:

Experience in programming or scripting languages (Python, PowerShell, etc.).

Experience performing detection engineering across multiple operating systems, including Windows, Linux, and macOS.

Experience building detection across non-endpoint vectors such as network and email.

Duration: 9+ months

Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.

Date Posted: 01 May 2024