Job Title: Exabeam Detection Engineer
Location: Remote
Duration: Long Term
Job Description:
- We are seeking a skilled Exabeam Detection Engineer with expertise in rule development to join our cybersecurity team. This role will focus on creating, refining, and implementing detection rules to identify and mitigate threats across the organization. The ideal candidate will have hands-on experience with the Exabeam Security Management Platform, a deep understanding of security information and event management (SIEM), and a proven track record in threat detection and response.
Responsibilities
- Develop, customize, and optimize detection rules within Exabeam to identify potential security threats and malicious activities.
- Configure, tune, and enhance existing rules and alerts to reduce false positives and improve the efficiency of threat detection.
- Collaborate with the SOC team to understand emerging threats and integrate detection techniques that address these risks.
- Analyze security data and logs to identify patterns, trends, and indicators of compromise (IOCs) and integrate them into detection rules.
- Perform regular rule maintenance and review to ensure continuous relevance and effectiveness.
- Work with incident response and threat intelligence teams to correlate data across multiple sources and improve detection capabilities.
- Monitor Exabeam performance, troubleshoot issues, and optimize the platform's detection accuracy and responsiveness.
- Document detection rule logic and tuning processes, and provide guidance on detection rule lifecycle management.
Requirements
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
- 3+ years of experience in security operations, incident detection, and response, focusing on SIEM platforms like Exabeam.
- Strong experience in developing, tuning, and implementing detection rules within Exabeam.
- Knowledge of scripting languages (e.g., Python, PowerShell) for data parsing and automation is a plus.
- Familiarity with threat intelligence, IOCs, and TTPs of common threat actors.
- Strong analytical and problem-solving skills with attention to detail.
- Excellent communication skills, with the ability to document rule logic and collaborate with technical and non-technical teams.
Preferred Qualifications
- Exabeam Administrator or Exabeam Advanced Analytics certification.
- Experience with network and endpoint security tools like firewalls, IDS/IPS, and EDR solutions.
- Knowledge of the MITRE ATT&CK framework and its application to threat detection.
- We are looking forward to your response so we can help you find the ideal candidate for this role.