Zscaler is a pioneer and global leader in zero trust security, and they are seeking an experienced Senior Detection Engineer to join their Detection Engineering team. The role involves analyzing EDR telemetry, creating and tuning detection systems, and improving workflows to ensure high-fidelity threat analysis for customers.
Responsibilities:
- Analyze EDR telemetry, alerts, and log sources across several detection domains including Endpoint, Identity, SIEM, and Cloud/SaaS
- Publish threats for customers using concisely written communication to effectively convey key indicators and remediation context
- Research coverage opportunities to create new detectors and tune existing ones to ensure high-fidelity detection
- Improve the Detection Engineering workflow through orchestration and automation to manage high volumes of telemetry
- Provide mentorship to peers and lead projects that improve the quality of life for both the customer and the CIRT
Requirements:
- Strong experience in Endpoint (MDR) and one or more functional areas including Cloud/SaaS, Identity, Email, or SIEM
- Proven experience with automation and orchestration to effectively handle an extreme volume of telemetry and logs
- Expertise with query languages such as SQL or Lucene, and a solid understanding of query syntax across EDR and other security platforms
- Experience creating and tuning detectors or rules using tools such as YARA, SIGMA, Snort, Splunk, or Elastic
- Ability to work the required shift from Wednesday to Saturday, 5pm MST – 3am MST
- Active involvement in the Infosec community through writing blogs, participating in webinars, or presenting at conferences
- Experience using version control and CI tooling such as GitHub or CircleCI for the deployment of detectors and rules
- Previous professional experience in a Red Team or offensive security capacity