Location: Madrid, M, ES

Detection Security Engineer (Hybrid setup)


Join a team of cybersecurity professionals and help Swiss Re to fulfil its mission of making the world more resilient. As the Detection Security Engineer, you'll be tasked with helping to close security gaps by working with incident responders and hunting for sophisticated cyber threats. What's more, you'll be working in a hybrid setup, balancing work from home and from the office premises.
About the team
The Security Team is the focal point for all security activities across Swiss Re. We are responsible for cybersecurity engineering and operations, corporate security, governance, operational resilience, risk and compliance. We define and advance the company's security strategy. As a part of a wider company Security Team, the Cyber Defence Engineering team has the mission to monitor, detect, and report cyber security-related threats targeting Swiss Re. We're looking for a detection engineer who can identify, develop, and implement advanced threat detection and response engineering solutions.

In your role, you will…

•    Be someone who believes in continuous innovation, is curious and relentless in finding a better way every day
•    Develop and maintain a deep understanding of the latest threat landscape, tactics, techniques, and procedures (TTPs) used by attackers
•    Develop and maintain expertise in threat detection tools and technologies, including SIEM systems, EDR (endpoint detection and response) tools, and network monitoring solutions
•    Be a part of a Purple Team to improve our security stance and implement your insights into detection rules
•    Continuously evaluate and improve the effectiveness of existing threat detection and response measures

Your qualifications

Nobody is perfect and meets 100% of our requirements. If you, however, meet some of the criteria below and are curious about the world of cybersecurity attack detection, we'll be more than happy to meet you!

What we need from you

o    Passion, drive, and a belief in the value of cybersecurity operations as an enabler of business performance
o    Experience in the development of cybersecurity attack detection rules in complex corporate environments
o    The ability to communicate effectively with a broad spectrum of stakeholders, from cybersecurity analysts to threat intelligence experts
o    A track record of successful delivery in penetration tests and red team exercises as an ethical hacker
o    A high level of integrity, a results-oriented approach, and composure under pressure
o    Strong communication, influencing, and collaboration skills
o    Knowledge of detection rule development, covering tools (such as SIEM, EDRs) and industry frameworks (such as MITRE ATT&CK®)

Nice-to-have 

o    Expert proficiency in Python, Kusto, or another scripting language
o    Experience working as a security analyst or incident responder (in a SOC/CSIRT/on-call setup)
o    Experience with Azure security tooling and development within Azure
o    Analysis of web traffic, underlying malware, lateral movement, TTPs detected through Microsoft and Linux security events, etc.
o    Log file correlation and analysis
o    Malware and exploit analysis (or reverse engineering)
o    Past collaboration with incident responders in developing detection rules and SOAR playbooks