Detection Engineer

Detection Engineer

This role has been designed as ‘Hybrid’ with an expectation that you will work on average 2-3 days per week from an HPE office.

Job Description:

About our Cyber Security team:

Are you ready to make an impact at one of the world’s leading tech companies? HPE’s Cybersecurity team is where you can do just that! We’re looking for a dynamic and experienced Detection Engineer for our Galway team. If you’re passionate about shaping the future of cybersecurity and ready for your next challenge, we’d love to hear from you.

About you:

You are skilled at researching security technologies and assessing security controls, with advanced knowledge of scripting and automation tools like Python, PowerShell, and Ansible to improve security operations and incident response. Your strong analytical and problem-solving skills enable you to tackle complex security challenges and devise effective solutions. You possess excellent leadership abilities, allowing you to influence both technical and non-technical stakeholders at all levels. You have a proven track record in designing, implementing, and managing security architectures in large, complex environments, and can manage multiple high-impact projects simultaneously in fast-paced, high-pressure settings.

Key responsibilities of the role:

• You will leverage your deep technical expertise to develop and enforce security standards, manage advanced security tools, and respond to complex security incidents. You will also mentor junior engineers, lead strategic security initiatives, and contribute to the continuous improvement of the organization’s cybersecurity posture.
• Build advanced detection capabilities based upon research and analysis of threat actor methodology, threat intelligence, and adversarial technique frameworks (MITRE ATT&CK).
• Identify detection gaps in existing monitoring capabilities, by analysing the threat landscape, past incidents and threat intelligence reports.
• Design and implement advanced threat-detection mechanisms, with a focus on behavioural analysis and anomaly detection.
• Expert-level proficiency in SIEM platforms (e.g., Splunk, QRadar), SOAR platforms (e.g., Phantom, Demisto), and Data Lake technologies, with specific experience developing SIEM correlation rules, alerts and dashboards.
• Advanced knowledge of scripting and automation (e.g., Python, PowerShell) to develop custom detection rules and automate security processes.
• Strong analytical and problem-solving skills, with the ability to translate complex data into actionable insights.
• Excellent communication and leadership skills, with the ability to influence stakeholders at all levels of the organization.
• Ability to manage multiple high-impact projects simultaneously, working effectively in a fast-paced, high-pressure environment.
• Network security controls (e.g., firewalls, proxy, IPS/IDS).
• Authentication and Authorization protocols.
• Attacker Methodologies and Post Exploit Operations.
• Active Directory/Azure AD.
• Security Operations and Threat Intelligence.
• Cloud Threat Detection use-case development (Azure/AWS/GCP).
• Familiarity with GitHub and agile development methodologies.
• Capability to write advanced regular expressions.
• Knowledge of, and experience with Risk-Based-Alerting (RBA) concepts.
• SOC incident response experience is a plus.
• Strong self-motivation and time management skills required.
• Excellent written and verbal communication skills required.
• You are well-versed in frameworks such as NIST 800-53, ISO 27001, and Zero Trust, and have a strong understanding of cloud security and Dev Sec Ops principles.

Education & Experience Requirements:

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field or equivalent experience.
• 8+ years of experience in cybersecurity, with a strong focus on security engineering, architecture, and operations.
• Proven experience with large-scale detection engineering initiatives and managing complex security environments.
• Certified Cloud Security Professional (CCSP), GIAC Security Expert (GSE), Offensive Security Certified Professional (OSCP), Certified Information Security Manager (CISM), or other advanced certifications relevant to cybersecurity engineering preferred certifications.​

#cybersecurity

Accountability, Accountability, Action Planning, Active Learning (Inactive), Active Listening, Agile Methodology, Bias, Business, Coaching, Creativity, Critical Thinking, Cybersecurity, Data Analysis Management, Data Collection Management (Inactive), Data Controls, Design Thinking, Development Methodologies, Empathy, Follow-Through, Growth Mindset, Implementation Methodologies, Infrastructure Design, Intellectual Curiosity (Inactive), Long Term Planning, Managing Ambiguity {+ 4 more}

Health & Wellbeing

We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing.

Personal & Professional Development

We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have — whether you want to become a knowledge expert in your field or apply your skills to another division.

Diversity, Inclusion & Belonging

We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know diverse backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good.

#ireland#technologyandsoftware

Job:

Information Technology

Job Level:

TCP_04

Hewlett Packard Enterprise is EEO F/M/Protected Veteran/ Individual with Disabilities.

HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories.