- Develop and maintain high-quality threat detection rules, queries and alerts based on identified use cases, threat scenarios and structured threat intelligence, including MITRE ATT&CK Tactics, Techniques and Procedures (TTPs).
- Leverage the MITRE ATT&CK Framework and other forms of structured threat intelligence to enhance detection capabilities, develop contextualized alerts and improve overall security posture.
- Create and implement automated workflows and playbooks in tools such as Swimlane to enhance incident response capabilities and streamline security operations. Continuously research and stay up to date with the latest cyber threats, attack vectors and methodologies to improve detection capabilities.
- Collaborate closely with cross-functional teams, including Security Operations Center (SOC) analysts, Incident Responders and Threat Intelligence researchers, to understand and respond to emerging threats.
- Evaluate and recommend new security tools, techniques and processes to enhance the organization's threat detection and response capabilities.
- Participate in incident response activities and provide subject matter expertise when required.
- Develop and maintain documentation related to threat detection and automation processes and procedures, aligning to leading practices.
- Provide training and guidance to team members to enhance their understanding of threat detection methodologies, automation techniques and structured threat intelligence.
Qualifications:
- Prior experience in SIEM content development (LogRhythm, Splunk, QRadar, McAfee ESM or a similar SIEM platform); Splunk preferred
- More than 3 years of information security experience, preferably in engineering or development
- More than 1 year of experience supporting a SIEM platform in a content development or administrative role
- More than 2 years of experience performing SOC analysis and/or incident response
- Ability to communicate effectively with anyone from end users to senior leadership, facilitating technical and non-technical conversations
- Deep understanding of technical concepts, including networking and various cyber attacks
- Solid comprehension of various security controls, their capabilities and their use in a corporate environment
- Scripting (Python is preferred, but most any programming knowledge will be sufficient if the engineer is willing to learn Python)
- Demonstrated history of innovation and/or creativity
- Ability to drive process improvements and identify gaps
- Ability to excel in a team and as an individual in a fast-paced, deadline-driven organization
Additional Information:
Our uniqueness is that we truly value yours.
Experian Asia Pacific's culture, people, flexibility and environments are key differentiators. We take our people and equal opportunity agenda very seriously. We focus on what truly matters: DEI, work/life balance, development, authenticity, engagement, collaboration, wellness, reward & recognition, volunteering... the list goes on. We're an award-winning organisation due to our strong people focus (Great Place To Work, Top Employer and Employer of Choice).
Experian Asia Pacific leverages cutting-edge data science, inclusion and startup mindsets to build tomorrow's credit solutions. Innovation is a critical part of Experian's DNA and practices, as is our diverse workforce, which drives our success. Everyone can succeed at Experian irrespective of their gender, ethnicity, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.
Experian Careers: Creating a better tomorrow together
Remote Work: No
Employment Type: Full-time