Threat Detection And Response Expert

Description:

The Threat Detection and Response (TDR) Expert contributes to successful incident handling escalated from OBRELA’s Security Operation Teams, gets to manage most complex findings and acts as the main incident commander as part of the incident response. He/she continuously operates a deeper investigation process to drive the collection of further evidence and support the resolution of identified issues.

The TDR Expert ensures escalated events are addressed in a timely manner using available alert and incident management tools and processes. Serves as detection authority for initial incident declaration and approves/performs further investigation of escalated events utilizing MDR technologies. Contributes with ideas to improve detection capability and drives recommendations to customers for incident remediation. Contributes to training of new analysts and evaluates analysts’ performance.

He/she is responsible for building and maintaining different SIEM/XDR content libraries and perform R&D for updating the respective content registries. Interacts with the SecDevOps teams or contributes as part of the Blue Team effort to implement threat detection analytics or customer specific use cases. He/she is available to work flexible hours and may serves as a backup analyst for any potential coverage gaps to ensure business continuity.

Requirements

• Bachelor’s degree or higher in computer science or related area of study or equivalent combination of education and/or relevant work experience. MSc in relative areas is considered a plus.
• Experience in Azure Security, use of corresponding security monitoring tools and Azure Rule authoring.
• Extensive experience in Microsoft 365 security center.
• Basic understanding of legal, regulatory and compliance requirements (GDPR, PCI, HIPAA, SOX, etc.)
• Exposure and expert knowledge with content development and event correlation using SIEM tools.
• Excellent verbal and written communication skills in English.
• Problem solving skills on short timeframes and ability to “think outside the box”.
• Analytical thinking with the ability to break down a big problem into smaller chunks.