Detection Engineer

WHAT YOU’LL DO:

As a Junior Detection Engineer at Kaseya, you’ll help defend our customers from cyber threats by researching, building, and maintaining detection logic for our security monitoring products. You'll be diving into the latest malware, TTPs (Tactics, Techniques, and Procedures), and adversary behaviors to develop and fine-tune detection rules and analytics. If you're passionate about cybersecurity and excited to learn in a hands-on environment, this is your chance to grow and contribute to Kaseya’s security efforts. You’ll help ensure that our products are always a step ahead in detecting and stopping threats, so our customers can focus on their business with confidence.

WHAT WE ARE LOOKING FOR:

We’re looking for a motivated Junior Detection Engineer to join our team. This role is perfect for someone eager to grow in the world of cybersecurity and detection engineering. You’ll work under the guidance of senior team members and collaborate with security teams to help enhance the efficacy of Kaseya’s security products. We want someone who thrives in a team setting and is excited to take on new challenges every day. You’ll have the opportunity to work with cutting-edge security technology while gaining deep expertise in threat detection and response.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

• Conduct Threat Research: Study the latest malware and adversary TTPs to understand emerging threats and vulnerabilities.
• Detection Logic Development: Help build, tune, and maintain detection rules and analytics for Kaseya’s Endpoint Detection and Response (EDR) and other security products.
• Simulate Attacks: Collaborate with the team to simulate adversary attacks and validate detection rules to improve detection efficacy.
• Collaborate with Product Teams: Work closely with security product teams to identify detection gaps and collaborate on solutions for improving product coverage.
• Support SOC Teams: Serve as a technical resource to Security Operations Centers (SOC) during active response efforts, helping them understand and use detection capabilities effectively.

WHAT YOU’LL BRING:

• Experience:
  • 3+ years working in computer networking administration or networking.
  • At least 1 year of experience in cyber operations, such as SIEM or EDR monitoring, incident response, threat hunting, or forensics.
• Cybersecurity Knowledge:
  • Familiarity with common malware families and the methods adversaries use to compromise systems.
  • General knowledge of Windows, Linux, or MacOS operating systems.
  • Awareness of adversary Tactics, Techniques, and Procedures (TTPs), including frameworks like MITRE ATT&CK™.
• Technical Skills:
  • Familiarity with regex and SQL-type query languages to build detection logic.

DESIRED SKILLS:

• Education: Bachelor's degree or equivalent IT work experience.
• Threat Hunting & Data Analytics: Familiarity with databases used for threat hunting and data analytics is desirable.
• Scripting Skills: Familiarity with scripting languages like Bash or PowerShell.
• Certifications:
  • One or more of the following baseline certifications are a plus: SEC+, CEH, GCFA, GCFE, GREM, GNFA, or OSCP.