Detection Engineer - Cyber
Maandag® Middle East
Description
🌍 Client: Cybersecurity Firm
📍 Company Head office: Dubai, UAE
🕒 Employment Type: Full-Time
💼 Mode: Remote from India
Detection Engineer Role:
We are hiring a skilled Detection Engineer to design, develop, and enhance advanced threat detection capabilities across endpoint, network, and cloud environments. The role focuses on building custom detection logic, threat hunting, and translating MITRE ATT&CK techniques into high-fidelity detections.
Key Responsibilities:
Develop custom detection rules using EDR/XDR telemetry
Build detections for process execution, command-line activity, DLL loads, network anomalies, and attack behaviors
Translate threat intelligence and MITRE ATT&CK techniques into actionable detections
Implement and tune detections across Microsoft Defender, CrowdStrike, SentinelOne, Sentinel, and Splunk
Conduct threat hunting and validate detections through attack simulations and purple team exercises
Optimize detections to reduce false positives and alert fatigue
Collaborate with SOC, IR, and Threat Intelligence teams
Required Skills:
Strong hands-on experience with Microsoft Defender, CrowdStrike, and SentinelOne
Expertise in writing custom detection rules using KQL/SPL and Sigma
Deep understanding of endpoint telemetry and attack techniques
Strong knowledge of the MITRE ATT&CK framework
Basic to intermediate scripting in Python or PowerShell