
Detection Engineer III

Securonix

Bengaluru, Karnataka, India
Posted on Thursday, April 25, 2024

Securonix is leading the evolution of SIEM for today’s hybrid cloud, data-driven enterprises. Securonix Unified Defense SIEM provides organizations with a content-driven threat detection, investigation, and response (TDIR) solution built on a highly scalable data cloud, with a unified experience from the analyst to the CISO. The innovative cloud-native solution enables organizations to scale up their security operations and keep up with evolving threats.

Securonix Unified Defense SIEM provides organizations with 365 days of ‘hot’ data for fast search and investigation, threat content-as-a-service, proactive defense with continuous peer and partner collaboration, and a unified Threat Detection, Investigation and Response (TDIR) experience, all in a single platform. The platform is built on a cloud native architecture and leverages the power of the Snowflake Data Cloud.

Summary:

We are looking for passionate threat detection engineers who like to fight bad guys by helping organizations detect attackers within the shortest MTD (mean time to detect) possible. You will be part of the Securonix Detection Engineering team, which is responsible for building the security analytics content and the anomaly and threat detection models for the Securonix Next Generation SIEM platform, and for responding to and raising awareness of advanced cyber and insider threats within our community. Our team's mission is to continuously develop detection methods that address the constantly shifting threat landscape and detect the latest real-world cyberattacks.

Responsibilities of the Role:

  • Develop new policies and threat models in the Securonix platform
  • Research the latest threats and vulnerabilities and provide detections for customers
  • Keep yourself updated on the latest threats, community-published research, and tools for improving threat detection
  • Ensure detection content is sufficiently tested and validated before it is pushed to production, in a timely manner and with high quality
  • Submit clear documentation for the detection content developed
  • Identify and build prototypes for new detection capabilities that can be introduced to reduce the MTD of threats
  • Engage with customers on custom threat detection development requirements and tuning exercises
  • Provide L3 support for issues in customer environments associated with detection content
  • Review the work of L1 and L2 engineers to improve the delivery of detection content
  • Review detection-related metrics from production environments to optimize detection content
  • Identify and document the RCA for issues and share the details with the team
  • Submit bugs, feature requests, or improvements to raise the quality of detections and the capability of the platform
  • Perform QA on content developed by other team members
  • Help build and maintain the test lab for threat detection
  • Enhance processes that support the team’s mission
  • Provide escalation support for P1 issues on weekends if required

Skills Required:

  • At least 3 years of prior experience building threat detection content for SIEM platforms
  • Understanding of the different MITRE ATT&CK matrices
  • Knowledge of prominent attacker TTPs and how to build detections for them
  • Strong fundamentals in network and operating systems concepts
  • Experience working with offensive security testing tools
  • Ability to automate basic tasks using scripting languages like Python
  • Strong written and verbal communication skills

Additional Skills (Good to Have):

  • Prior investigations and response / SOC experience
  • Prior Cloud detection content experience
  • Cloud security certifications from Azure, GCP or AWS
  • Information security professional certifications (SANS GIAC, CISSP etc.)
  • Experience building playbooks / automated response actions on SOAR

Benefits:

As a full-time employee with Securonix, you will be eligible for the following employee benefits:

  • Health insurance with a total sum insured of INR 5,00,000
  • Coverage: self, spouse, 2 kids, and dependent parents or parents-in-law
  • Personal accident cover with a total sum insured of INR 10,00,000
  • Term life insurance with a sum assured of 5 times fixed base pay

Securonix, Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state and local laws. Securonix complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including hiring, placement, promotion, termination, layoff, recall, and transfer, leaves of absence, compensation and training.

Securonix expressly prohibits any form of unlawful employee harassment based on race, color, religion, gender, sexual orientation, national origin, age, genetic information, disability or veteran status. Improper interference with the ability of Securonix employees to perform their expected job duties is absolutely not tolerated.

Headhunters and recruitment agencies may not submit candidates through this application. Securonix does not accept unsolicited headhunter and agency submissions for candidates and will not pay fees to any third-party agency without a prior agreement with Securonix.