Reporting to the Threat Detection Manager, the Security Engineer will work with the our teams, including cyber threat intelligence analysts, SOC analysts, threat detection engineers, server and network administrators, security tool administrators, and department customers. You will have information security experience in incident response and understanding of security log feeds mapping the data into the SIEM.You will:Understand data feeds of multiple security tools and logs that feed the SIEM & UEBA technologies. Identify capabilities and quality of these feeds and recommend improvements.Create new content use cases based on threat intelligence, analyst feedback, available log data, and previous incidents.Perform daily activities of the content life cycle, including creating new use cases, testing content; tuning, and removing content; and maintain associated documentation.Improve vulnerabilities in the different application environmentsWork with the other security teams and product SMEs to identify gaps within the existing capability.Develop parsers/field extractions to facilitate reliable content developmentDevelop custom scripts to enhance default SIEM functionalityParticipate in root cause analysis on security incidents and provide recommendations for new data sources and enrichment
