Detection Engineer📣 إعلان
| نوع العقد | دوام كامل | |
| طبيعة الوظيفة | بالموقع | |
| الموقع | مكة المكرمة |
وصف الوظيفة
About the Detection Engineer Role
KAUST (King Abdullah University of Science and Technology) is seeking a Detection Engineer to join its team in Makkah, Saudi Arabia. This full-time role is central to designing, building, and continuously improving the organization’s threat detection capabilities. The engineer will translate threat intelligence and adversary tactics into high-fidelity detection logic, conduct proactive threat hunting, and engineer automated detection content across the security stack. The primary objective is to ensure security operations can effectively identify malicious activity while minimizing alert fatigue through precision detection engineering.
Key Responsibilities
- Design, develop, and deploy detection rules and alerts across multiple security platforms, including SIEM, EDR, NDR, and cloud security tools.
- Create high-fidelity detections based on threat intelligence, MITRE ATT&CK techniques, and emerging threats, utilizing query and rule languages such as KQL, SPL, Sigma, and YARA.
- Conduct proactive threat-hunting campaigns to identify gaps in detection coverage and analyze adversary tactics, techniques, and procedures (TTPs).
- Perform regular testing and validation of detection rules using attack simulation, red-team exercises, and tools like Atomic Red Team or CALDERA.
- Identify and onboard new log sources to improve detection visibility, ensuring log quality, completeness, and normalization across all data sources.
- Develop automation workflows for detection deployment and management (Detection-as-Code), building tools and scripts to streamline engineering processes.
- Manage detection-related incidents, requests, and changes through ITSM workflows, ensuring documentation and SLA compliance for development and tuning requests.
- Collaborate with SOC analysts, incident response, and threat intelligence teams to refine detections, operationalize intelligence, and mentor junior engineers.
Required Qualifications
- Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
- GIAC Certified Detection Analyst (GCDA) or an equivalent certification is preferred.
Professional Experience
- 5-10 years of experience in security operations, threat detection, or SOC environments.
- Proven track record in developing detection rules across multiple security platforms.
- Experience contributing to open-source detection projects (*, Sigma, YARA).
- Familiarity with behavioral analytics or machine-learning-driven detection approaches.
- Exposure to offensive security, red teaming, or penetration testing.
- Experience implementing Detection-as-Code pipelines.
- Hands-on experience with breach-and-attack simulation or threat-emulation tools.
Technical Skills and Expertise
- Detection & Query Languages: Expert proficiency in SPL (Splunk), KQL (Sentinel/Kusto), SQL, Sigma, YARA, Snort, and Suricata.
- Security Platforms & Tools: Hands-on experience with SIEM (Splunk, Elastic Security, Microsoft Sentinel, Chronicle, QRadar), EDR/XDR (CrowdStrike, SentinelOne, Microsoft Defender, Carbon Black), NDR (Zeek, Suricata, Corelight), and SOAR platforms.
- Threat Intelligence & Frameworks: Deep understanding of MITRE ATT&CK, experience operationalizing threat intelligence, and strong knowledge of adversary behavior, TTPs, and attack patterns.
- Programming & Scripting: Proficiency in Python, experience with PowerShell and/or Bash, understanding of APIs, RESTful services, data structures, Git, and CI/CD workflows.
- Log Analysis & Data Science: Strong log analysis and parsing skills, understanding of normalization, enrichment, correlation, statistical analysis, anomaly-detection approaches, and knowledge of common log formats.
- ITSM & Documentation: Experience with ITSM platforms (ServiceNow, Jira Service Management), working knowledge of ITIL processes, and strong documentation skills.
- Operating Systems & Networks: Deep understanding of Windows, Linux, and macOS internals, strong knowledge of networking concepts, protocols, traffic analysis, understanding of authentication and identity technologies (Kerberos, NTLM, SAML, OAuth), and familiarity with AWS, Azure, and/or GCP logging and security telemetry.
Work Environment
This is a full-time position based at KAUST in Makkah, Saudi Arabia. The successful candidate will contribute to a dynamic and innovative environment focused on advancing scientific and technological research.
متطلبات الوظيفة
- تتطلب ٥-١٠ سنوات خبرة
وظائف مشابهة
قد يعجبك أيضاً
- وظائف ذات صلة بـ Detection Engineer
- وظائف Sales Representative في الخبر
- وظائف مدير مشتريات في الخبر
- وظائف مصمم جرافيك في الخبر
- وظائف محضر قهوة (باريستا) في الخبر
- وظائف أخصائي تسويق في الخبر
- مجالات وظيفية أخرى في مكة المكرمة
- وظائف Sales Representative في مكة المكرمة
- وظائف مدير مشتريات في مكة المكرمة
- وظائف محاسب زبائن (كاشير) في مكة المكرمة
- وظائف محضر قهوة (باريستا) في مكة المكرمة
- وظائف أخصائي تسويق في مكة المكرمة
- وظائف مسوق عقاري في مكة المكرمة
- وظائف STOREKEEPER في مكة المكرمة
- وظائف Legal Specialist في مكة المكرمة
- وظائف Sales Consultant في مكة المكرمة
- وظائف Quality Controller في مكة المكرمة
- استكشف الوظائف في أنحاء المملكة
- وظائف Restaurant Manager في الرياض
- وظائف فني مختبر طبي في الخبر
- وظائف فني هندسة ميكانيكية في الجبيل
- وظائف مهندس كهربائي في جدة
- وظائف بائع في المبرز
- وظائف مهندس مدني في الدمام
- وظائف أخصائي تمريض في ابو عريش
- وظائف مهندس كهربائي في ام الحمام
- وظائف عامل فرز منتجات في القطيف
- وظائف مساعد إسعافات أولية في الجبيل