Experian
Experian is committed to helping you protect, understand, and improve your credit. Start with your free Experian credit report and FICO score.
Experian unlocks the power of data to create opportunities for consumers, businesses, and society. We empower consumers and our clients to manage data with confidence so they can maximize every opportunity. We gather, analyze, and process data in ways others can't. For more than 125 years, we've helped consumers and clients prosper, and economies and communities flourish.
Job Description
- Develop and maintain high-quality threat detection rules, queries, and alerts based on identified use cases, threat scenarios, and structured threat intelligence, including MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs).
- Leverage the MITRE ATT&CK Framework and other forms of structured threat intelligence to enhance detection capabilities, develop contextualized alerts, and improve overall security posture.
- Create and implement automated workflows and playbooks in tools such as Swimlane to enhance incident response capabilities and streamline security operations.
- Continuously research and stay up to date with the latest cyber threats, attack vectors, and methodologies to improve detection capabilities.
- Collaborate closely with cross-functional teams, including Security Operations Center (SOC) analysts, Incident Responders, and Threat Intelligence researchers, to understand and respond to emerging threats.
- Evaluate and recommend new security tools, techniques, and processes to enhance the organization's threat detection and response capabilities.
- Participate in incident response activities and provide subject matter expertise when required.
- Develop and maintain documentation for threat detection and automation processes and procedures, aligned with leading practices.
- Provide training and guidance to team members to enhance their understanding of threat detection methodologies, automation techniques, and structured threat intelligence.
Qualifications
- Prior experience in SIEM content development (LogRhythm, Splunk, QRadar, McAfee ESM, or similar SIEM platform), Splunk preferred.
- More than 3 years of information security experience, preferably in engineering or development.
- More than 1 year of experience supporting a SIEM platform in a content development or administrative role.
- More than 2 years of experience performing SOC analysis and/or incident response.
- Ability to effectively communicate with anyone, from end users to senior leadership, facilitating technical and non-technical conversations.
- Deep understanding of technical concepts including networking and various cyber attacks.
- Solid comprehension of various security controls, capabilities, and use in a corporate environment.
- Scripting skills (Python is preferred, but almost any programming background is sufficient if the engineer is willing to learn Python).
- Demonstrated history of innovation and/or creativity.
- Ability to drive process improvements and identify gaps.
- Ability to excel both as part of a team and as an individual in a fast-paced, deadline-driven organization.
Additional Information
Our uniqueness is that we truly value yours.
Experian Asia Pacific's culture, people, flexibility, and environments are key differentiators. We focus on what truly matters: DEI, work/life balance, development, authenticity, engagement, collaboration, wellness, reward & recognition, volunteering.
Innovation is a critical part of Experian's DNA and practices, as is our diverse workforce, which drives our success. Everyone can succeed at Experian, irrespective of their gender, ethnicity, colour, sexuality, physical ability, or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.
Experian Careers - Creating a better tomorrow together.