Apply Now

Security Detection Engineer - W2 Only

Remote • Posted 9 hours ago • Updated 9 hours ago

Contract W2

Contract Independent

No Travel Required

Remote

Depends on Experience

Fitment

Dice Job Match Score™

⏳ Almost there, hang tight...

Job Details

Skills

security
XSIAM
windows
linux
Python
mitre

Summary

Title:Consulting Detection Engineer - Remote, W2 only

Location:Remote

Length:Long term
Restriction:w2 only

Description:

*** no c2c * *** W2 only;WebCam Interview***Remote***

Job Description:

Scope of the Project

The position will work as a consulting detection engineer within the division of information security. This role will focus on creating, tuning, and maintaining new and existing detection rules within the state monitoring environment. Engaging directly with state agencies to promote, support, and improve adoption of centralized security services is a key focus. The engagement is expected to be needed for 12 months with the possibility of extension.

Daily Duties and Responsibilities

Preference will be given to a candidate who can work onsite over hybrid and over full-time remote (on-site as needed).

Review and tune current detection rules within the state SIEM.
Perform gap analysis of the current detection coverage.
Develop detection rules/solutions to cover found gaps.
Monitor threat intelligence sources for new use cases.
Work with state SOC analysts to create and tune rules.
Work with the state threat hunter to identify and remediate detection coverage gaps.
Document processes, runbooks, and troubleshooting steps related to the SOAR and integrations.
Coordinate with engineering, SOC, and agency staff as needed to meet goals.
Other duties as needed.

Additional Skills and Duties

Proven experience with detection tuning/development.
Experience with dashboard creation and reporting.

Preferred Skills (Rank in Order of Importance)

Experience with the Palo Alto Cortex XSIAM platform.
Deep understanding of Windows/Linux artifacts.
Excellent communication and customer service skills for agency-facing engagement.
Experience in working in multi-tenancy environment.
Experience in multi-agency or enterprise service projects.

Required Education and Certifications

Bachelor''''s degree in an information technology or information security related field.
Eight years of relevant work experience may be substituted in lieu of education.
Five years of experience in supporting large IT environments and/or system deployments.
5+ years of strong scripting and automation skills (Python, Bash, PowerShell, or similar).
Understanding of Sigma, YARA, and other industry standard detection languages.
Familiarity with MITRE ATT&CK framework.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id: msyca001
Position Id: SKZ - 10793
Posted 9 hours ago

Create job alert

Never miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Remote Cybersecurity Detection Engineer

Remote or Columbia, South Carolina

•

Today

Location: Columbia, SC Duration: 12 Months Work Location: Fully Remote Candidate Location: No SC residency required. Open to nationwide candidates. Interview Process: 1 round, Virtual/Online potential for a 2nd round onsite as needed REQUIRED EDUCATION/CERTIFICATIONS: BACHELOR'S DEGREE IN AN INFORMATION TECHNOLOGY OR INFORMATION SECURITY RELATED FIELD EIGHT YEARS OF RELEVANT WORK EXPERIENCE MAY BE SUBSTITUTED IN LIEU OF EDUCATION FIVE YEARS OF EXPERIENCE IN SUPPORTING LARGE IT ENVIRONMENTS

Easy Apply

Contract

Security Architect - Consultant (Detection Engineer)

Remote

•

Today

Role: Security Architect - Consultant (Detection Engineer) Location: Remote Interview Process: 1 round, Virtual/Online - potential for a 2nd round onsite as needed Duration of the Contract: 12 months Possibility for Extension: Yes Work Location: Fully Remote Candidate Location: No SC residency required. Open to nationwide candidates. W2 Contract IMPORTANT INFORMATION: This position requires the candidate to be engagedexclusively on Maxpath Technologies W2 payroll. Engagements via 1099 or third

Easy Apply

Contract

Depends on Experience

Security Architect/ Detection engineer - local to Columbia, South Carolina or a surrounding city in South Carolina

Remote

•

Today

Title : Security Architect - 10793 Location : Columbia, SC Duration : 12 + Months Job Description: Interview Process: 1 round, Virtual/Online - potential for a 2nd round onsite as needed Duration of the Contract: 12months Possibility for Extension: Yes Work Location: Fully Remote Candidate Location: No SC Residency required. Open to nationwide candidates. Security Architect - Consultant (Detection Engineer) Why is this position open: New position - supporting statewide security detection and

Easy Apply

Contract

Depends on Experience

Security Engineer/Architect

Remote

•

Today

Job ID: SC-10793 Remote/Local Security Engineer/Architect (CISSP/CISA/CISO/SECURITY/CEH/OSCP/GPEN) with SIEM, Detection coverage gap remediation, Threat Intelligence, Python/Bash/PowerShell, Sigma/Yara, Tunning, PALO ALTO CORTEX XSIAM, Windows/Linux, MITRE ATT&CK experience Location: Columbia, SC (ADMIN) Duration: 12 Months Work Location: Fully Remote Candidate Location: No SC residency required. Open to nationwide candidates. Interview Process: 1 round, Virtual/Online potential for a 2nd round

Easy Apply

Contract, Third Party

Depends on Experience

Search all similar jobs