Threat Detection Program Lead
The XDR Threat Detection Program Lead will be responsible for leading the threat detection content program for the EclecticIQ XDR platform.
The Threat Detection Program Lead will help coordinate and plan research on novel threat detection techniques, prioritize detection coverage for emerging threats, help scope detection capabilities for the product, and collaborate with the Threat Intelligence team to develop threat hunting packs that protect our customers.
- Lead strategic planning of detection content development;
- Lead daily operations of detection content creation and curation;
- Establish and lead partnership programs in the area of detection engineering and threat hunting;
- Engage and coordinate with the cyber security community;
- Contribute to shaping the XDR platform’s Threat Hunting and Incident Response workflows;
- Contribute to marketing activities based on emerging threats for thought leadership;
- Collaborate with the Fusion Center, Product and Engineering teams;
- Create and curate detection content as a senior technical contributor, leading your team from the front;
- Analyze and prioritize emerging threats and intelligence reports;
- Coordinate with detection content, threat hunting, and cyber threat intelligence partners.
- 5+ years of experience in cyber security team and program leadership, preferably in an MSSP/SOC/MDR environment;
- Solid understanding of modern Cyber Security and Cyber Threat landscape (challenges, solutions, techniques);
- Strong knowledge of security detection mechanisms and technologies (EDR, XDR, SIEM, SOC playbooks);
- Familiarity with various detection languages (Sigma, YARA, Osquery);
- Familiarity with adversary emulation methodologies;
- Up-to-date knowledge of recent developments in the area of Cyber Security and Cyber Threats;
- Deep knowledge of different attack Tactics, Techniques, and Procedures;
- Excellent communication skills;
- Experience collaborating with and coordinating a variety of stakeholders – clients, engineering teams, analyst teams, etc.;
- Experience translating Threat Reports and Cyber Threat Intelligence content into detection mechanisms is a plus;
- Knowledge of scripting (Python, PowerShell, Bash) is an advantage;
- Experience with offensive security tools (Metasploit, Nmap, Maltego, Mimikatz, Atomic Red Team) is a plus;
- Data analysis experience is a plus.
Working with EclecticIQ means working in an exceptionally challenging and dynamic industry that has a positive impact on the world. We offer a full-time position with a competitive salary, 24 annual holidays and an appealing education budget (including a corporate Coursera account). On top of that, we have a hip, home-like working place in the heart of Amsterdam where you can work with the latest technology and solve interesting problems. We are backed by international investors to build the future together!
EclecticIQ is a global threat intelligence, hunting and response technology provider. Its clients are some of the most targeted organizations, globally. To build tomorrow’s defences today, they have to understand the threats against them – and align their efforts and investments to mitigate their risks. EclecticIQ helps governments, large enterprises and service providers manage threat intelligence, create situational awareness and adopt an intelligence-led cybersecurity approach. EclecticIQ extended its focus towards hunting and response with the acquisition of Polylogyx’s endpoint technology in 2020. Founded in 2014, EclecticIQ operates globally with offices across Europe, North America, and via value-add partners.
More info: www.eclecticiq.com
In case of any questions or queries, please reach out to our Talent Management Partner.
The selection process may include security screening and/or background checks.
All you need to do is fill out our application form below.