Senior Detection Engineer

About BeyondTrust

BeyondTrust is the worldwide leader in intelligent identity and access security, empowering organizations to protect identities, stop threats, and deliver dynamic access to empower and secure a work-from-anywhere world. Our integrated products and platform offer the industry's most advanced privileged access management (PAM) solution, enabling organizations to quickly shrink their attack surface across traditional, cloud and hybrid environments. 
Learn more at www.beyondtrust.com. 

Job Summary

As a Senior Detection Engineer, you’ll use your deep security domain knowledge to help build a new ITDR solution with a security lake at its center. You’ll become an identity security expert, and along with a team of like-minded individuals you will figure out new and innovative ways to counter modern identity threats, setting a clear vision for the detection portion of the product and driving and implementing our detection roadmap. You will be challenged daily with some of the hardest technology and security problems within the company.

What You Will Do

• Define and deliver innovative solutions for detecting identity-based attacks and vulnerabilities using rule-based analytics, behavioral analytics, and machine learning.
• Provide technical leadership to support product and engineering teams developing threat detection and response capabilities.
• Explore customer data using spark and other tools to test detection hypotheses.
• Implement detections using pyspark and spark sql.
• Continuously collect and analyze telemetry from detections in the field and tune them for quality.
• Develop ML models to support advanced detections.
• Build custom representations of data (e.g. graphs) to support other advanced detections.

Skills You Will Need

• Experience working and querying SIEM tools or other log-based data
• Experience in engineering event detection & response tuning
• Knowledge of MITRE ATT&CK framework and general adversarial / defensive security techniques
• Ability to engineer creative, scalable, and out-of-the-box solutions
• Up to date with engineering best practices, security technology trends, tools, and frameworks
• Experience in developing detections for attacker tactics, techniques, and procedures (TTPs)
• Preferred: Knowledge of cloud technologies, virtualization, containers, service-mesh
• Big data experience or a willingness to learn!

Technologies You Should Know

• Preferred: Spark
• Required: Python
• Preferred: Big data experience

We understand that the world of work is evolving and we are a company that prides itself on our adaptability and ability to provide an inclusive and flexible environment that embraces all team members regardless of whether they are based in one of our offices or at home.

Don’t meet every single qualification? Studies show people are hesitant to apply if they don’t meet all requirements listed in a job posting. BeyondTrust is focused on building an inclusive and diverse workplace – so if there is something slightly different about your previous experience, but it otherwise aligns and you’re excited about this role, we encourage you to apply. You could be a great candidate for this or other roles on our team.

BeyondTrust is an EEO/AA/Disability/Vets Employer and an equal opportunity employer, offering a competitive salary with excellent benefits. We welcome all candidate applications who meet the minimum qualifications listed above.

What truly makes BeyondTrust special are the people – people who keep the culture strong and make working here exciting, rewarding, and ultimately fun!

Search @beyondtrust and #beyondtrustlife on Twitter and LinkedIn to find out more.