Threat Detection Engineer

At EVERSANA, we are proud to be certified as a Great Place to Work across the globe. We’re fueled by our vision to create a healthier world. How? Our global team of more than 7,000 employees is committed to creating and delivering next-generation commercialization services to the life sciences industry. We are grounded in our cultural beliefs and serve more than 650 clients ranging from innovative biotech start-ups to established pharmaceutical companies. Our products, services and solutions help bring innovative therapies to market and support the patients who depend on them. Our jobs, skills and talents are unique, but together we make an impact every day. Join us!

Across our growing organization, we embrace diversity in backgrounds and experiences. Improving patient lives around the world is a priority, and we need people from all backgrounds and swaths of life to help build the future of the healthcare and the life sciences industry. We believe our people make all the difference in cultivating an inclusive culture that embraces our cultural beliefs.  We are deliberate and self-reflective about the kind of team and culture we are building. We look for team members that are not only strong in their own aptitudes but also who care deeply about EVERSANA, our people, clients and most importantly, the patients we serve. We are EVERSANA.  

THE POSITION:

We are seeking a highly motivated and skilled Threat Detection Engineer to join our dynamic security team. In this role you will be responsible for developing, implementing, and maintaining threat detection capabilities to protect our organization from cyber threats.  The primary responsibility will be building, deploying, and maintaining the detection rules for our security toolset.  Additionally, you will work within the Security Engineering team to administer the security stack at EVERSANA, help streamline processes and respond to security events as needed.

ESSENTIAL DUTIES AND RESPONSIBILITIES:
Our employees are tasked with delivering excellent business results through the efforts of their teams.  These results are achieved by:

• Develop and Implement: Create threat detection rules, alerts, and dashboards using Splunk, SentinelOne, and other security tools.  Should be comfortable creating SIGMA rules in YAML. 
• Analyze Logs: Examine security logs and alerts to identify and investigate potential security incidents.  Continuously monitor security logs and network traffic for threats, breaches, and unusual activity.  Embed that activity into detection logic and security controls.
• Collaborate: Work closely within the security team to enhance our overall security posture.  Administer applications within the EVERSANA security stack.
• Stay Informed: Keep up-to-date with the latest threats, vulnerabilities, and security technologies.
• Maintain Documentation: Contribute to the development and upkeep of security detection database.  Will be responsible for maintaining a list of currently deployed detection rules.
• Automate Processes: Streamline security tasks and processes to boost efficiency and effectiveness.
• Incident Response: Respond to security incidents, troubleshoot issues, and remediate as required.
• Demonstrate a commitment to diversity, equity, and inclusion through continuous development, modeling inclusive behaviors, and proactively managing bias.
• All other duties as assigned

Consistent with the Americans with Disabilities Act (ADA) and applicable state and local laws, it is the policy of EVERSANA to provide reasonable accommodation when requested by an employee with a disability, unless such accommodation would cause an undue hardship for EVERSANA. If reasonable accommodation is needed to perform the essential functions of your job position, please contact Human Resources.

EXPECTATIONS OF THE JOB:

• Travel (0%)
• Hours (40 hours per week, 5 days of the week)

The above list reflects the general details necessary to describe the expectations of the position and shall not be construed as the only expectations that may be assigned for the position.

An individual in this position must be able to successfully perform the expectations listed above.

MINIMUM KNOWLEDGE, SKILLS AND ABILITIES:

The requirements listed below are representative of the experience, education, knowledge, skill and/or abilities required.

• 2 year degree or equivalent experience
• 3+ years of hands-on experience in detection engineering, security automation, or a similar role.
• Experience with detection engineering and security analytics.
• Experience with EDR, SIEM, and Vulnerability Management technologies.
• Understanding of network security, operating systems, and cloud security.
• Understanding of incident response techniques.
• Analytical, problem-solving and communication skills.
• Security certifications: (e.g. Security+, Splunk/SIEM related certs)

PREFERRED QUALIFICATIONS:

• Education BS in Cybersecurity Field
• Experience working with various security technologies and data sources, including but not limited to:
  • Cloud security platforms (GCP, AWS, Azure)
  • Endpoint Detection and Response (EDR) solutions – SentinelOne
  • Splunk
  • Network security devices
  • Identity and Access Management (IAM) systems
• Experience with Python scripting and SIGMA rule creation (yaml format). 
• Experience with incident response.
• Understanding of MITRE ATT&CK framework
• Experience with SOAR platforms.
• Proven ability to work independently.
• Excellent written and verbal communication skills; able to author clear technical documentation and rulesets
• SANS related certifications – GMON, GCDA, etc.

PHYSICAL/MENTAL DEMANDS AND WORKING ENVIRONMENT:

The physical and mental requirements along with the work environment characteristics described here are representative of those an individual encounters while performing the essential functions of this position.

Office: While performing the essential functions of this job the employee is frequently required to reach, grasp, stand and/or sit for long periods of time (up to 90% of the shift), walk, talk and hear; occasionally required to lift and/or move up to 25 pounds. The noise level in the work environment is usually moderately quiet, with frequent interruptions and multiple demands.

OUR CULTURAL BELIEFS:

Patient Minded I act with the patient’s best interest in mind.

Client Delight I own every client experience and its impact on results.

Take Action I am empowered and empower others to act now.

Grow Talent I own my development and invest in the development of others. 

Win Together I passionately connect with anyone, anywhere, anytime to achieve results.

Communication Matters I speak up to create transparent, thoughtful and timely dialogue.

Embrace Diversity I create an environment of awareness and respect.

Always Innovate I am bold and creative in everything I do.

Our team is aware of recent fraudulent job offers in the market, misrepresenting EVERSANA. Recruitment fraud is a sophisticated scam commonly perpetrated through online services using fake websites, unsolicited e-mails, or even text messages claiming to be a legitimate company. Some of these scams request personal information and even payment for training or job application fees. Please know EVERSANA would never require personal information nor payment of any kind during the employment process. We respect the personal rights of all candidates looking to explore careers at EVERSANA.

EVERSANA is committed to providing competitive salaries and benefits for all employees. If this job posting includes a base salary range, it represents the low and high end of the salary range for this position and is not applicable to locations outside of the U.S.  Compensation will be determined based on relevant experience, other job-related qualifications/skills, and geographic location (to account for comparative cost of living).  More information about EVERSANA’s benefits package can be found at eversana.com/careers.  EVERSANA reserves the right to modify this base salary range and benefits at any time. 

From EVERSANA’s inception, Diversity, Equity & Inclusion have always been key to our success. We are an Equal Opportunity Employer, and our employees are people with different strengths, experiences, and backgrounds who share a passion for improving the lives of patients and leading innovation within the healthcare industry. Diversity not only includes race and gender identity, but also age, disability status, veteran status, sexual orientation, religion, and many other parts of one’s identity. All of our employees’ points of view are key to our success, and inclusion is everyone's responsibility.

Consistent with the Americans with Disabilities Act (ADA) and applicable state and local laws, it is the policy of EVERSANA to provide reasonable accommodation when requested by a qualified applicant or candidate with a disability, unless such accommodation would cause an undue hardship for EVERSANA. The policy regarding requests for reasonable accommodations applies to all aspects of the hiring process. If reasonable accommodation is needed to participate in the interview and hiring process, please contact us at [email protected].

Follow us on LinkedIn | Twitter