Threat Detection Engineer

DESCRIPTION
Proficio is an award-winning managed detection and response (MDR) services provider. We provide 24/7 security monitoring, investigation, alerting and response services to organizations in healthcare, financial services, manufacturing, retail and other industries. Proficio has been highlighted in Gartner’s Market Guide for Managed Detection and Response Services for the last three consecutive years. We have a track record of innovation. Proficio invented the concept of SOC-as-a-Service. We were the first MSSP to provide automated response services and the first in our space to provide a risk scoring dashboard.

 Our typical client is a medium to large-sized organization that lacks the in-house resources to address the challenges of a rapidly changing threat landscape. The difficulty of hiring and retaining cybersecurity professionals are widely understood but our prospective clients also struggle to effectively harness technology and build hardened processes.

 While Proficio has developed a unified service delivery platform designed to meet the needs of the most demanding clients, what sets us apart is the quality and passion of our people. We believe the SOC of the Future will meld the creativity of human intelligence with the power of advanced technologies like AI.

Summary

The Threat Detection Engineer will perform tasks to ensure the proper and timely on-boarding of new customers and products in the SIEM.  This role will work with other members of the team to identify, modify, customize, and apply use cases from our library, based on customer functionality and alerting requirements. Responsible for timely deployment of our services, works to automate the alerting process, provides reporting and dashboards, and coordinates with other internal departments to ensure continuous customer satisfaction.  The SIEM Content Engineer II is focused on SIEM health and troubleshooting; rule, report, and dashboard modification; and more intricate customer development requests. 

Responsibilities

• Handle customer requests for development and promote applicable rules to the strategic team for base content inclusion.
• Provide back-up support on SIEM onboarding tasks and collaborate with other teams (Security Analyst team) on required content.
• Perform analysis and troubleshooting and other tasks to ensure overall SIEM health.
• Modify rules, reports, and dashboards for internal and external use as necessary.
• Process the more intricate use case development tickets from customer request queue.  This generally involves clarifying intent through internal resources to provide the most accurate response to our clients need.
• Work closely with our Engineering, Analyst, and R&D teams to understand the company’s complete service offering in analyzing and resolving technical issues of our customers, thus create a better platform for our service delivery team.
• Participate and perform other tasks as may be required for this role.

• Demonstrated knowledge of general networking principles including full knowledge of TCP/IP communication, the OSI model, common network ports, and basic network defense
• Solid understanding of the threats reported by various data sources such as IDS/IPS, AV, HIDS/HIPS, WAFs, firewalls, and web proxies
• Basic understanding of the current threat landscape including knowledge of different threat actor profiles and attack methods
• Must be willing and able to complete trainings/certifications for self -improvement
• Excellent communication and presentation skills within a team setting in a collaborative manner
• Quick learner and intuitive thinker – the more you learn, the faster you’ll grow!
• Effective documentation and time task management skills
• Confidence in independently delivering effective technical solutions
• Excellent problem-solving skill, ability to identify and apply appropriate technical resolutions

• Opportunity to work in a progressive organization with structured training and roadmap for success

• Health benefits, lunches, gym reimbursement, and internet funding for our India staff!
• Experience in one of the hottest IT industries today

Proficio is an EOE employer.

Proficio collects certain personal information upon your submission of an application for an open position. More information is available about your consumer rights and our privacy policy at