Sr Assoc, Cyber Sec ThreatMgmt - Detection Engineer
Northern Trust · Naperville, IL · 3 wk ago
Engineering$89k–$151k/yrFull-time
Key Responsibilities
- Build, refine, and manage detection content to identify and mitigate potential threats.
- Develop a Detection-as-Code standard using code repositories and CI/CD pipelines to streamline content deployment via Infrastructure-as-Code methodologies.
- Work closely with various teams in Security Operations to anticipate and detect potential threats before they fully materialize.
- Participate in continuous improvement initiatives to enhance detection capabilities and efficiency.
- Develop and maintain documentation for detection logic, use cases, and response playbooks.
- Maintain up-to-date knowledge of the latest cybersecurity threats, tools, and best practices.
- Contribute to automation of detection and response processes using SOAR platforms.
Qualifications
- Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
- 2+ years of experience in cybersecurity, preferably in detection engineering, threat hunting, or incident response.
- Proficiency in writing and tuning detection logic in SIEM platforms (e.g., Splunk, Sentinel, Elastic).
- Strong understanding of cybersecurity principles, including SIEM, IDS/IPS, and endpoint detection and response (EDR) solutions.
- Experience with coding/scripting languages such as Python, PowerShell, or Bash.
- Familiarity with CI/CD pipelines, code repositories (e.g., Git), and Infrastructure-as-Code tools (e.g., Terraform, Ansible).
- Excellent problem-solving skills and attention to detail.
- Strong communication and documentation abilities.
Preferred Qualifications
- Experience in a cloud environment (e.g., AWS, Azure, GCP).
- Knowledge of malware analysis, reverse engineering, and digital forensics.
- Experience with performing insider threat analysis and detections.
- Knowledge of security orchestration and automation platforms.
- Relevant certifications such as GCDA, GCFA, or equivalent.