SIEM Detection Engineer
Job Description
Cumulus Systems Pvt. Ltd., a company specializing in End-to-End Software Development Lifecycle and storage performance management, is seeking a SIEM Detection Engineer for their Pune office. This role represents an exciting opportunity in the cybersecurity domain, focusing on designing and maintaining high-fidelity detection content for SIEM platforms.
The position requires a skilled professional with 3 years of cybersecurity experience, including 1-2 years of hands-on SIEM experience. As an L2 Detection Specialist, you'll work with cutting-edge security technologies, including Microsoft Sentinel (KQL) or Google Security Operations (YARA-L), while collaborating with SOAR engineers and SOC analysts to enhance threat detection capabilities.
Key responsibilities include designing detection rules, performing threat hunting, analyzing telemetry data, and integrating threat intelligence feeds. The role demands both technical expertise and analytical skills, with opportunities to work on complex security challenges and contribute to the organization's security posture.
The ideal candidate will possess strong knowledge of MITRE ATT&CK framework, cloud infrastructures, and security controls. Technical skills in Python or PowerShell scripting are essential, along with relevant security certifications. The position offers exposure to advanced security tools and technologies while working with a team of security professionals.
This role would be perfect for a security professional looking to advance their career in detection engineering and threat hunting. The position offers the opportunity to work with enterprise-level security systems, contribute to developing sophisticated detection mechanisms, and play a crucial role in protecting organizational assets from cyber threats.
Responsibilities For SIEM Detection Engineer
- Design, build, and maintain detection rules, correlation searches, dashboards, and reports in SIEM platforms
- Validate and tune detection logic through simulations and SOC feedback
- Analyze log and telemetry data to uncover suspicious behaviors
- Integrate external threat-intelligence feeds
- Perform periodic rule health checks
- Collaborate with SOAR engineers for automation
- Conduct threat hunts to identify advanced attacker techniques
- Generate metrics and trend reports for SOC leadership
- Document detection logic and operational procedures
- Provide technical consultation during incident investigations
Requirements For SIEM Detection Engineer
- Strong understanding of MITRE ATT&CK
- Familiarity with cloud infrastructures (Azure, GCP, AWS)
- Proficiency in scripting (Python or PowerShell)
- Knowledge of security controls and telemetry sources
- Relevant certifications (SC-200, Google SecOps, CompTIA Security+)
- Excellent written documentation skills
- Minimum 3 years overall experience in cybersecurity operations
- 1-2 years hands-on experience with Microsoft Sentinel or Google SecOps
Related Jobs
