Detection Engineer About the Role We are looking for a Senior Detection Engineer to join our international cybersecurity team. The person who joins will help build upon the current ATT&CK-based; detection manual used by the Getronics Security Operations Center (SOC), and take it to the next level of maturity and capability. Additionally, they will support the day-to-day threat detection work of a team of analysts servicing a wide range of clients across various industries, including Getronics' private/hybrid cloud and internal IT services. Key Responsibilities · Develop threat detection rules to identify modern attacker tactics and techniques, working closely with threat intelligence, incident response, security analysts, and infrastructure/security architecture teams. · Maintain and optimize the existing detection rulebase, applying lifecycle management and deprecating rules where needed. · Assess ATT&CK; coverage to identify detection gaps and improvement opportunities. · Define and maintain effective detection metrics. · Support compliance-related use cases as required. · Create and maintain lists to support correlation rules. · Design dashboards for specific threat detection use cases and train analysts on their use. · Provide input into threat hunting activities through the development of efficient search queries. · Collaborate with business and IT teams to create detection strategies aligned with current and emerging business needs. · Analyze alert trends and propose improvements. · Support data collection improvements and maintain configuration management documentation. Requirements · Minimum of 2 years' experience as a Cybersecurity Detection Analyst working with SIEM technologies (QRadar, LogRhythm, Splunk, Elastic Security, InsightIDR, AlienVault OSSIM, etc.). · Previous experience in other technical cybersecurity roles such as SOC Analyst, Threat Intelligence Analyst, or Pentester. · Hands-on experience implementing detection playbooks based on the MITRE ATT&CK; framework. · Strong analytical and problem-solving skills. · Solid understanding of the current threat landscape, including common attack vectors and best practices for protecting systems and networks. · Advanced knowledge or experience with at least two of the following technologies: Python, RegEx, Sigma, YARA. · Experience fine-tuning correlation rules for optimal performance. · Strong communication skills with the ability to document clearly and summarize effectively. · Fluent English is mandatory due to international team collaboration. · Structured, goal-oriented working style.