Security Design Lead in Rabobank's cybersecurity team, designing secure technology solutions for food & agribusiness banking. Collaborating across teams to ensure robust security implementations.
BD
Hybrid Security Detection & Response Engineer - Flutter Functions
Posted 10 hours ago
About the role
- Security Detection & Response Engineer for Flutter Entertainment developing security detection frameworks. Collaborating with global teams to enhance cybersecurity operations in complex, multi-cloud environments.
Responsibilities
- Design, develop, and maintain threat detection rules, alerts, and dashboards mapped to the MITRE ATT&CK framework using SIEM and other security tools.
- Continuously tune and optimize existing detections to reduce false positives while maintaining high detection efficacy.
- Conduct regular reviews of detection coverage and identify gaps based on threat intelligence, incident trends, and organizational risk profile.
- Test and validate detection effectiveness through atomic testing, purple team exercises, and collaboration with red teams.
- Perform triage and in-depth analysis of security alerts using Splunk, AWS-native tools, and various SaaS security platforms
- Conduct root cause analysis and post-incident reviews to drive continuous improvement.
- Research, design, and implement automation solutions to streamline detection creation, alert enrichment, and incident response workflows.
- Explore and pilot the use of Large Language Models (LLMs) and generative AI to enhance security operations, including automated alert analysis, playbook generation, and response recommendations.
- Develop and maintain automated response playbooks and orchestration workflows using SOAR platforms and scripting.
- Integrate threat intelligence feeds into detection and response workflows to enhance context and prioritization.
- Track threat actor TTPs and translate them into actionable detections.
- Document detection logic, alert triage procedures, incident response playbooks, and automation workflows.
- Contribute to the security knowledge base and runbook library.
Requirements
- Proven experience with SIEM platforms (preferably Splunk) for query development, detection creation, alert tuning, and dashboarding.
- Demonstrated experience in security alert analysis, incident response, and threat hunting within large, complex organizations.
- Hands-on experience with detection validation techniques, including atomic testing frameworks (e.g., Atomic Red Team) and purple team collaboration.
- Strong understanding of the MITRE ATT&CK framework and ability to map threat actor TTPs to defensive controls.
Benefits
- Hybrid & remote working options
- €1,000 per year for self-development
- Company share scheme
- 25 days of annual leave per year
- 20 days per year to work abroad
- 5 personal days/year
- Flexible benefits: travel, sports, hobbies
- Extended health, dental and travel insurances
- Customized well-being programmes
- Career growth sessions
- Thousands of online courses through Udemy
- A variety of engaging office events
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Identity Security Posture Management Specialist enhancing identity security posture at Kemper Insurance. Collaborates across teams to tackle identity risks and compliance challenges in a high - performing culture.
Zscaler Engineer responsible for maintaining cybersecurity tools and developing integrations at HP. Collaborating across teams to enhance data loss prevention strategies and monitor industry threats.
Senior Manager overseeing Security Risk Management at First American. Leading enterprise policies, third - party vendor security, and security strategy execution.
Principal Architect developing cybersecurity strategy for Ensemble's technology - enabled revenue cycle management solutions. Focus on securing cloud architectures and ensuring information assurance in healthcare.
Designer developing comprehensive application solutions for security systems at Johnson Controls. Collaborating on technical sales support and large - scale integrated electronic security systems.
Analyst role supporting Epic Security & Configuration at Acrisure, ensuring application functionality and troubleshooting issues. Collaborating with teams for configuration and security in Applied Epic systems.
Specialist Software Design Verification Engineer in Cybersecurity at Solventum. Responsible for software verification, testing processes, and compliance with medical device regulations.
Lead defensive threat research on generative and agentic AI systems at RBC. Identify emerging threats and develop proof - of - concept exploits to enhance AI security.
Entry - level role in information security at Applied Materials, managing technologies and assisting in compliance with security standards. Contributing to the development of awareness and training.