Senior Threat Detection Engineer

Reposted 5 Hours Ago
London, Greater London, England
In-Office
Senior level
Insurance
The Role
The role involves managing cyberattack risks, incident response, threat detection, and automation within a global security team.
Summary Generated by Built In

You desire impactful work.
 

You’re RGA ready

RGA is a purpose-driven organization working to solve today’s challenges through innovation and collaboration. A Fortune 500 Company and listed among its World’s Most Admired Companies, we’re the only global reinsurance company to focus primarily on life- and health-related solutions. Join our multinational team of intelligent, motivated, and collaborative people, and help us make financial protection accessible to all.

A Brief Overview

Responsible for developing and executing standards, procedures, and processes to monitor, maintain, and create new detections. Manages telemetry health monitoring to ensure existing monitoring/alerts are performing as intended. Enables global Security Operations by participating in on-call rotations, alert triage, investigations, and engineering.

What you will do

  • Participates in 24/7 on-call rotation, alert triage, and investigations
  • Supports and drives the Incident Response Lifecycle (readiness, training, response, command, post-mortem) efforts
  • Using a CI/CD pipeline, coordinates the monitoring, maintenance, and optimization of existing detections to ensure high-fidelity, low-noise detections, inclusive of Detection Playbooks.
  • Supports the validation of security telemetry health and the identification of gaps in telemetry that may introduce risk to the organization. Develops processes and standards for validation of security telemetry.
  • Develops and supports efforts to identify and close detection and telemetry gaps.
  • Leads and contributes to purple team exercises for Monitoring and Detection by assisting with hunt, data and detection validation.
  • Supports metric and reporting initiatives to drive strategic business decisions and leadership situational awareness.
  • Drives investigations to completion and identifies and documents systemic issues, working within the team to ensure tracking and mitigation.
  • Supports purple team engagements for the SOC, identifying and tracking findings, ensuring actionable detection recommendations and security improvements.
  • Performs other duties as assigned.

Qualifications

Bachelor’s degree or equivalent experience

Required

  • 3+ years of hands-on experience in a Security Operations Center (SOC) or similar environment, with a focus on incident response, threat investigations or detection development
  • Proficient analytical skills with the ability to investigate activity across network, host, cloud, and identity platforms.
  • Ability to operate effectively in a globally distributed team environment.
  • Strong written and verbal communication skills with the ability to effectively collaborate with partner teams
  • 3+ years of experience assessing security telemetry to identify and close visibility gaps to improve detection and investigation fidelity.
  • 3+ years of experience contributing to purple team exercises, including supporting risk hunting, telemetry validation, and detection efficacy
  • 3+ years of experience developing and supporting cybersecurity metrics and reporting to support security operations.
  • 3+ years of experience creating automation/workflows to scale security operations
  • 3+ years of experience designing and implementing automation and workflows to scale security operations
  • Working knowledge of malware analysis

Technical Requirements

  • Intermediate knowledge of SIEM/SOAR technology (Splunk, CrowdStrike, Sentinel, etc.)
  • EDR Platforms (CrowdStrike, Microsoft Defender, etc.)
  • Network and client / server technologies and standards
  • Malware prevention and remediation
  • Intermediate knowledge of Cloud Computing Security (AWS, Azure, GCP)
  • AM/AAA technologies and architectures (Entra/Active Directory, Okta, OpenID, SAML, OAuth, JWT, LDAP)
  • ServiceNow
  • General email security concepts
  • M365 Suite and Environments
  • Forensic tools (FTK, EnCase, X-Ways, SIFT)

What you can expect from RGA:

  • Gain valuable knowledge from and experience with diverse, caring colleagues around the world.

  • Enjoy a respectful, welcoming environment that fosters individuality and encourages pioneering thought.

  • Join the bright and creative minds of RGA, and experience vast, endless career potential.

Top Skills

Active Directory
AWS
Azure
CrowdStrike
DNS
Email Security
EnCase
FTK
GCP
JavaScript
JWT
Linux
M365
macOS
Microsoft Defender
OAuth
Okta
OpenID
Physical Networking
PowerShell
Python
SAML
ServiceNow
SIFT
Splunk
TypeScript
Virtual Networking
Windows
X-Ways

The Company
HQ: Chesterfield, MO
3,164 Employees
Year Founded: 1973

What We Do

Reinsurance Group of America, Incorporated (RGA), a Fortune 500 company, is among the leading global providers of life reinsurance and financial solutions, with approximately $3.5 trillion of life reinsurance in force and assets of $92.2 billion as of December 31, 2021.

Founded in 1973, RGA today is recognized for its deep technical expertise in risk and capital management, innovative solutions, and commitment to serving its clients.

With headquarters in St. Louis, Missouri, and operations around the world, RGA delivers expert solutions in individual life reinsurance, individual living benefits reinsurance, group reinsurance, health reinsurance, facultative underwriting, product development, and financial solutions. To learn more about RGA and its businesses, visit our website at www.rgare.com.
