Key Responsibilities
- Design, develop, and maintain threat detection use cases across SIEM, EDR, NDR, and cloud-native security platforms.
- Proactively identify detection gaps, research adversary tactics (MITRE ATT&CK), and translate threat intelligence into actionable detections.
- Monitor, analyze, and optimize detection rules to reduce false positives while maintaining high-fidelity alerts.
- Collaborate with Security Operations and Incident Response teams to validate detections and support investigations.
- Automate detection engineering processes using scripting and SOAR capabilities.
- Conduct regular testing, purple teaming, and threat hunting exercises to validate the effectiveness of detections.
- Stay current on emerging threats, attack vectors, and security technologies.
Qualifications & Experience
- Bachelor's degree in Cybersecurity, Computer Science, or related field (or equivalent hands-on experience).
- 5+ years of experience in detection engineering, threat hunting, SOC, or incident response.
- Strong understanding of security monitoring tools (e.g., Splunk, Sentinel, QRadar, Elastic).
- Familiarity with the MITRE ATT&CK framework and threat intelligence integration.
- Proficiency in scripting languages (Python, PowerShell, etc.) for automation and detection logic.
- Strong problem-solving skills with the ability to work in a fast-paced environment.
- Relevant certifications are a plus (e.g., GCDA, GCTI, GCIH, OSCP, Azure/AWS Security).
Morgan Mckinley Pte Ltd
EA Licence No: 11C5502
EAP Registration No: R