Threat Detection Engineer

hatch I.T. is partnering with Neovera/Emagined Security, to find a Threat Detection Engineer/Security Researcher/Incident Response Specialist. See details below:

About the role:

Neovera/Emagined Security is seeking a highly skilled and experienced Threat Detection Engineer/Security Researcher/Incident Response Specialist to join their Security Operations Center (SOC) within the Managed Security Services Division. The ideal candidate will possess a deep understanding of security threats, including advanced persistent threats (APTs), malware, and network intrusions. This position will be responsible for creating and auditing alerts across multiple platforms to detect and respond to these threats, leading proactive threat-hunting efforts, and providing mentorship to Junior Analysts within the team.

About the Company:

Emagined Security, A Neovera Company, is a leading provider of cybersecurity solutions, committed to helping organizations protect their critical assets and manage risk. The team is composed of industry experts dedicated to delivering innovative and effective security services to their clients.

Responsibilities:

• Work within the 24x7 Security Operations Center as part of the Managed Security Services Division, monitoring and managing security events and incidents for multiple clients.
• Develop, configure, and audit alerts across various security platforms, including Splunk, SentinelOne, and Microsoft Defender, to identify potential threats based on established frameworks such as MITRE ATT&CK and other relevant methodologies.
• Proactively conduct threat-hunting activities in customer environments to identify and mitigate potential security threats that may have evaded automated detection controls.
• Lead and manage incident response efforts, including investigation, containment, eradication, and recovery activities, to minimize the impact of security incidents for our clients.
• Collaborate with internal and external stakeholders to effectively communicate the scope and severity of security incidents, ensuring timely and efficient resolution.
• Provide mentorship and guidance to Junior Analysts, fostering their growth and development in cybersecurity skills and knowledge.
• Conduct in-depth research on emerging threats, vulnerabilities, and attack techniques to continuously improve detection and response strategies.
• Utilize your expertise in MITRE ATT&CK and other threat frameworks to continuously enhance threat detection capabilities and improve security posture for our clients.
• Utilize forensics tools and techniques to analyze compromised systems and uncover the root cause of incidents. Experience with forensic tools such as Magnet Forensics, EnCase, FTK, or similar is required.
• Create detailed incident reports, threat assessments, and technical documentation to support incident response and provide actionable recommendations to clients.
• Stay current with emerging threats, vulnerabilities, and technology trends. Contribute to the continuous improvement of SOC processes, tools, methodologies, and personnel.
• Serve as a primary point of contact for clients during incidents, providing expert guidance, support, and clear communication throughout the response process.

Qualifications:

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field, or equivalent experience.
• 5+ years of experience in cybersecurity, with a focus on threat analysis, threat hunting, and incident response.
• Experience working in a Security Operations Center (SOC)
• Deep understanding of security frameworks such as MITRE ATT&CK, Cyber Kill Chain, NIST, etc.
• Proven experience creating, configuring, and auditing security alerts in platforms such as Splunk, SentinelOne, and Microsoft Defender.
• Experience with forensics tools such as Magnet, EnCase, FTK, or similar, with the ability to perform detailed analysis of compromised systems.
• Demonstrated experience in leading and managing incident response efforts, including forensic analysis, malware analysis, and network traffic analysis.
• Strong analytical and problem-solving skills, with the ability to think critically and work under pressure.
• Excellent communication and interpersonal skills, with a demonstrated ability to effectively convey complex technical information to non-technical stakeholders.
• Experience and desire to mentor and train junior team members
• Relevant certifications preferred (e.g., GIAC, GCIH, GCFA, CEH, CISSP, etc.).
• Must be authorized to work in the United States