Title - MITRE-focused EDR Detection Engineer
Duration - 9+ Months
Location – Milpitas, CA
Job Description –
Experience with the MITRE ATT&CK framework, ATT&CK evaluations, and EDR detection engineering is required.
A candidate with experience customizing and implementing EDR solutions is needed.
Job Summary: We are looking for a skilled EDR (Endpoint Detection and Response) Detection Engineer to focus on our preparation for the 2024 MITRE ATT&CK Enterprise evaluation. Your primary responsibility will be to evaluate and improve our EDR product's detection capabilities in preparation for the evaluation. You will leverage your experience in previous MITRE ATT&CK evaluations to identify detection coverage gaps and develop strategies to address these gaps effectively.

Key Responsibilities:
● Conduct in-depth analysis of our EDR product's capabilities in the context of the 2024 MITRE ATT&CK Enterprise evaluation, focusing on its effectiveness against identified attack patterns
● Conduct in-depth analysis of the malware families and techniques available through the MITRE ATT&CK website and other OSINT channels as they relate to the scope of the 2024 evaluation
● Distill insights from this analysis into actionable detection coverage recommendations for our EDR solution and, when applicable, our EPP solution
● Build and maintain a repository of prioritized techniques and the procedures that an adversary may use to perform those techniques
● Utilize insights from previous MITRE ATT&CK evaluations to optimize our detection strategies and enhance detection capabilities
● Efficiently emulate attack techniques based on these analyses to test the robustness of our EDR product and measure existing detection coverage
● Where gaps exist that require product improvements, partner with engineering and security researchers to design and propose technical solutions to enhance detection capabilities and close coverage gaps
● Author and refine EDR detection signatures, ensuring they address the techniques and anticipated procedures
Qualifications:
● Bachelor's degree in Computer Science, Cybersecurity, or a related field
● Minimum of 5 years of experience building detection for EDR technologies
● Experience participating in MITRE ATT&CK Enterprise evaluations
● Strong understanding of cybersecurity threats, attack techniques, and the MITRE ATT&CK framework
● Excellent analytical and problem-solving skills
● Ability to communicate complex technical information clearly and concisely to diverse audiences
● Proficiency in cybersecurity tools and technologies related to EDR

Preferred Qualifications:
● Experience in programming or scripting languages (Python, PowerShell, etc.)
● Experience performing detection engineering across multiple operating systems, including Windows, Linux, and macOS
● Experience building detection across non-endpoint vectors such as network and email