Principal Detection Engineer
Posted on 12/8/2022
Remote • United States
Experience Level
  • 7+ years in security operations, threat hunting, detection development, offensive operations, threat emulation, or security tool development
  • Experience operationalizing Cyber Threat Intelligence to defend networks from emerging threats
  • Experience with analysis of network packet captures (PCAPs) using tools such as Wireshark and Network Miner
  • Experience with network packet analysis and manipulation using tools such as Tshark (and other Wireshark command line tools), ngrep, tcpdump, Zeek/Bro, and Scapy
  • Awareness of common operating system internals and the ability to identify analytic opportunities
  • Awareness of Windows Event Logging fundamentals, including reviewing logs in the Windows Event Viewer, enabling Windows Event Logging, adjusting event log size and retention settings, and enabling Advanced Audit Policies
  • Plan and lead the execution of large, ongoing ICS Threat Detection initiatives that focus on emerging Activity Groups or ICS-focused malware
  • Proactively identify threat detection and asset identification tickets. Engage Detection Engineers to support your ideation, asset generation and configuration efforts
  • Lead the selection and prioritization of ICS-focused threat detections (atomic, component, composite, and events) and asset identifications
  • Lead the analysis of Dragos threat intelligence reports (and other sources) to create detection ideation tickets for threat behavior-based detections and asset identifications
  • Lead the analysis of ICS asset types that align with our primary industry verticals to support asset identifications
  • Support research and development of new detection techniques, improvements to the engineering workflow, and enhancements to the Dragos Platform
  • Support the documented processes for authoring, validating, and testing detections/events to ensure they are released into the product within a Knowledge Pack (KP)

201-500 employees

Industrial control systems cybersecurity
Company Overview
Dragos' mission is to safeguard civilization from those trying to disrupt the industrial infrastructure we depend on every day. The company offers industrial cybersecurity technology and services purpose-built for industrial control systems (ICS) and operational technology (OT) environments and is continually informed by their globally sourced threat intelligence and industry expertise.
  • Medical, dental, vision, disability, & life insurance
  • 401k with match
  • Equity
  • Competitive compensation
  • Remote working options
  • Pet-friendly options
  • In-house brewery