Detection Consultant

Reposted 11 Days Ago
Rijswijk, NLD
Hybrid
Mid level
Information Technology • Professional Services • Software • Cybersecurity
The Role
Provide custom detection capabilities for customers by assessing detection gaps, hosting threat workshops, querying SIEMs (Splunk, Sentinel), writing pseudo-logic and work packages for detections-as-code, deriving detections from threat intelligence, explaining attack paths to customers, and tracking development and testing through ticketing systems.
Summary Generated by Built In
Our Global Detection Engineering Team provides detection capabilities for the various security products used in our 24/7 managed monitoring service, with customers all over the world. In this role you will join our detection engineering team and focus on providing a tailored experience of custom detections to all our customers.

All customers benefit from access to NCC's wide library of detections, but there are many cases for exceptions and requirements for custom detections. This role sits at the pivotal point between our customers and the detection engineers. Together with (representatives of our) customers you will assess the gap and need for custom detections (on top of the deployment of detections from NCC's detection library) to provide the level of detection each customer desires.

We're looking for candidates from a wide range of backgrounds; the exact responsibilities of any candidate can be tailored to their experience and skillset. Any candidate who only partially matches the skillset is encouraged to apply.

Key Responsibilities
  • Schedule and host threat workshops utilizing industry-approved methodologies such as DREAD or STRIDE.
  • Correlate log events in SIEM solutions with activities which have taken place in the (business) application or technology.
  • Query data ingested into customer SIEM environments to assess the practical feasibility of newly proposed detections.
  • Prepare pseudo-logic and work packages for detection engineers who write detections-as-code within the NCC detection repository.
  • Derive new generic detection opportunities from Threat Intelligence reports to further expand NCC's detection library.
  • Identify potential abuse patterns in customer applications.
  • Query large datasets in SIEMs (Sentinel & Splunk).
  • Explain (potential) attack paths to customers.
  • Write pseudo-logic for the development of new detections.
  • Track the status of detections under development and share status updates with the customer.
  • Obtain feedback from customers on exceptions and allowed behavior during the testing phase of the development of new analytics.
  • Ensure work is up-to-date and tracked in (internal) ticketing system(s).

Skills, Knowledge & Expertise
  • Experience in detection engineering on a range of technologies (SIEM and EDR), OR
  • Experience in SOC or Managed Detection Services, OR
  • Experience in analytically-minded IT systems administration/network administration, looking for a change in career/focus towards security.
  • Excellent oral and written communication skills.
  • Ability to work with client engagement teams and NCC colleagues to continuously improve the service we deliver.
  • Good understanding of IT systems and platforms from a security context.

Desired Requirements:
  • A security mindset and demonstrable experience or knowledge of contemporary attack tactics and techniques.
  • Forensics or Incident Response competency would be considered valuable.
  • Strong knowledge of the latest threats in security.
  • The skills to translate technical attacks to effects in the business (and vice versa).
  • Experience in simulating attacks is considered an advantageous skill that enhances the others.
  • Experience with SIEM tools, preferably Splunk and Microsoft Sentinel.

And knowledge of one or more of the below:
  • Azure or other cloud technologies,
  • Windows Active Directory,
  • Windows operating system fundamentals,
  • Networking fundamentals,
  • System management technologies,
  • Identity and access management procedures and technologies.

Job Benefits
  • A good salary that matches the things you have already done and will do;
  • Flexible working hours and flexibility in working from home or at the office, allowing you to optimally combine your private life with your work;
  • A favorable pension scheme, 26 vacation days (+4 mandatory days off), and 8% holiday pay with a full-time contract;
  • Plenty of development opportunities: you can gain and share knowledge through training, TechTalks, events, and our own Fox Academy;
  • A laptop and business phone. If you use your own phone, you will receive a reimbursement of up to €25 per month;
  • A remote work allowance (for hybrid working);
  • A performance bonus and profit sharing because we value your effort;
  • When we work in the office, we gather every day for a delicious lunch.

About
We assess, develop and manage cyber threats across our increasingly connected society. We advise global technology companies, manufacturers, financial institutions, critical national infrastructure providers, retailers and governments on the best way to keep businesses, software and personal data safe. With our knowledge, experience and global footprint, we are best placed to help businesses identify, assess, mitigate & respond to the risks they face. We are passionate about making the Internet safer and revolutionising the way in which organisations think about cyber security. Headquartered in Manchester, UK, with over 35 offices across the world, NCC Group employs more than 2,000 people and is a trusted advisor to 15,000 clients worldwide.

Skills Required

  • Experience in detection engineering on SIEM and EDR technologies
  • Experience in SOC or Managed Detection Services
  • Analytically-minded IT Systems administration or Network Administration experience
  • Excellent oral and written communication skills
  • Ability to work with client engagement teams and colleagues to improve service delivery
  • Good understanding of IT systems and platforms from a security context
  • Security mindset and knowledge of contemporary attack tactics and techniques
  • Forensics or Incident Response competency
  • Strong knowledge of latest threats in security
  • Ability to translate technical attacks to business effects
  • Experience simulating attacks
  • Experience with SIEM tools, preferably Splunk and Microsoft Sentinel
  • Knowledge of Azure or other cloud technologies
  • Knowledge of Windows Active Directory
  • Windows operating system fundamentals
  • Networking fundamentals
  • System management technologies
  • Identity and access management procedures and technologies
The Company
HQ: Manchester
2,140 Employees
Year Founded: 1999

What We Do

NCC Group is a global cyber security and resilience company that helps organizations manage risk, strengthen resilience, and build trust. It provides services in cyber security consulting, managed services, technical assurance, and software escrow.