Senior Associate, Detection Engineer, Cyber Managed Services

1 week ago


Ciudad de México, Ciudad de México Kroll Full-time
As the leading independent provider of risk and financial advisory solutions, Kroll leverages our unique insights, data and technology to help clients stay ahead of complex demands.

In a world of disruption and increasingly complex business challenges, our professionals bring truth into focus with the Kroll Lens. Our sharp analytical skills, paired with the latest technology, allow us to give our clients clarity—not just answers—in all areas of business. We embrace diverse backgrounds and global perspectives, and we cultivate diversity by respecting, including, and valuing one another. As part of One team, One Kroll, you'll contribute to a supportive and collaborative work environment that empowers you to excel.

Kroll's Cyber Risk team works on over 2,000 cases a year, including some of the most complex and highest profile matters in the world. With experts based around the world, supported by ground-breaking technology, we help protect our clients' data, people, operations and reputation with innovative assessments, investigations and intelligence. We are the only company in the world with the expertise and resources to deliver global, end-to-end cyber risk management, supporting organizations through every step of their journey toward cyber resilience.

Clients count on us for quick and expert support in the event of and in preparation against a cyber incident; from incident response to risk assessments, and complex forensics to breach notification and ID theft remediation we help clients – of all sizes – respond with confidence.

At Kroll, your work will help deliver clarity to our clients' most complex governance, risk, and transparency challenges. Apply now to join One team, One Kroll.

Role

Working within our Security Operations Centre as a Detection Engineer, the focus of this role is the implementation of security monitoring, detection and response technologies across Kroll's client base. This involves developing, testing and tuning security content across EDR and SIEM technologies.

RESPONSIBILITIES:

  • Develop, test and tune detections (aka use cases, rules) for the latest threats using leading SIEM and EDR technologies.
  • Identify false positives/negatives and tune detections to increase fidelity.
  • Understand the threat landscape including new/emerging threats.
  • Develop, test and tune parsers to normalise raw logs.
  • Handle requests for new detections, determine the security value of those requests and clearly explain your decision to stakeholders.
  • Be an SME on audit logging and recommend configurations to customers.
  • Improve the computational efficiency of existing content.
  • Work with customers to build effective whitelists and blacklists.
  • Understand and master data sources across a variety of categories including Windows, Linux, Active Directory, Privileged Access Management, Intrusion Detection/Prevention, Firewalls, Anti-Virus, Endpoint Detection & Response, Cloud Access Security Broking, Network Access Control, Application Control and Productivity Apps.
  • Collaborate with key stakeholders across the SOC, Threat Intelligence, Offensive Security, Sales Engineering, Engineering, Project, Product and Sales Teams.
  • Create scalable processes through automation.
  • Document designs and processes.

REQUIREMENTS:

  • Familiar with prevailing threats and how to mitigate them using EDR or SIEM.
  • Understanding of Windows or Linux telemetry.
  • Experience writing or tuning detections for EDR or SIEM technologies.
  • Familiarity with the MITRE ATT&CK framework.
  • Understand security principles and practices.
  • Proficient with Regex.
  • Proven capability to learn and deliver to a high standard within deadlines.
  • Strong organisational skills and an ability to appropriately prioritise tasks.
  • Ability to relay complex technical subject matter to non-technical stakeholders.
  • Demonstrable analytical and technical aptitude with focus on identifying and alleviating the root cause of a problem.
  • Proven ability to thrive and respond to frequent demands of multiple constituents, both internal and external, in a high demand, customer-centric environment.
  • Fluent in written and spoken English.

In order to be considered for a position, you must formally apply via

Kroll is committed to equal opportunity and diversity, and recruits people based on merit.
