Principal Detection Automation Engineer

About the Role : We are seeking a highly experienced and visionary Principal Detection Automation Engineer to lead our detection automation initiatives. In this pivotal role, you will leverage your deep expertise in security and detection engineering to drive the development and optimization of our automated detection capabilities. You will be a key contributor to enhancing our security posture by creating and refining sophisticated detection rules and leveraging data science tools to identify and mitigate emerging threats. As the principal engineer on the detection automation team, you will be responsible for leading the design, development, and implementation of automated detection systems that effectively identify and respond to security incidents. You will work with a team of talented engineers to build and maintain a robust detection infrastructure that leverages cutting-edge technologies and methodologies. Responsibilities : - Detection Engineering Leadership : Serve as the principal detection engineer, providing technical leadership and guidance to the detection automation team. - Rule Authoring and Optimization : Develop, refine, and optimize detection rules using Suricata, Sigma, YARA, Snort, and other relevant technologies. - Anomaly and Behavioral-Based Detections : Design and implement anomaly and behavioral-based detection systems to identify and respond to sophisticated threats. - Detection Tuning and Optimization : Optimize both streaming and batch detections to minimize false positives and ensure high detection efficacy. - Data Science Integration : Leverage data science tools such as SQL, Spark, Databricks, or equivalent technologies to analyze security data and improve detection accuracy. - Automation Development : Develop and maintain automation scripts and tools using Python or Scala to streamline detection processes. - Threat Intelligence Integration : Integrate threat intelligence feeds and sources to enhance detection capabilities. - Incident Response Collaboration : Collaborate with incident response teams to investigate and remediate security incidents. - Research and Development : Stay abreast of emerging security threats and technologies, and contribute to research and development efforts to improve detection : - Principal Detection Engineer Experience : Proven experience as a principal detection engineer with a deep background in security and detection engineering. - Rule Authoring Expertise : Extensive experience with Suricata, Sigma, YARA, and Snort rule authoring. - Programming Proficiency : Fluency in Python or Scala. - Anomaly and Behavioral Detection Expertise : Expert knowledge of anomaly and behavioral-based detection methodologies. - Detection Tuning and Optimization : Proven ability to tune and optimize both streaming and batch detections. - Security Domain Expertise : Deep understanding of security concepts, threats, and vulnerabilities. - Strong Problem-Solving Skills : Excellent analytical and problem-solving skills. Preferred Qualifications : - Experience with cloud security platforms and technologies. - Experience with security information and event management (SIEM) systems. - Experience with threat intelligence platforms. - Experience with machine learning and artificial intelligence in security applications. Personal Attributes : - Strong passion for security and detection engineering. - Proactive and self-motivated. - Ability to work independently and as part of a team. - Detail-oriented and highly organized. - Continuous learner with a desire to stay abreast of emerging technologies. (ref:hirist.tech)

Location: bangalore, IN

Posted Date: 4/19/2025