Opdrachten
Threat Detection Engineer
Info
Functie
Threat Detection EngineerLocatie
Den HaagUren per week
40 uren per weekLooptijd
20.04.2025 - 30.12.2025Opdrachtnummer
232562Sluitingsdatum
16.04.2025
12:00
Rolomschrijving en taakafspraken
Het CV en de motivatie dienen aangeboden te worden in het Engels.
Het CV dient in een Word format aangeleverd te worden.
This is for an preffered candidates
What’s the role
The role is part of the CISO (Cyber Information Security Office) in the Information and Digital Technology organization. The Threat Detection Engineering team supports Shell’s CyberDefence team by developing and implementing cyber threat detection capabilities. These capabilities identify adversary tactics, techniques, and procedures (TTPs), enabling swift action on Events of Interest. Input from various CyberDefence teams, including Threat, Detect, Incident, and the Red Team, informs the detection opportunities. Threat Detection Engineering helps to recognize malicious activities in the early stage of the kill chain, providing an opportunity to intervene before significant harm occurs.
What you’ll be doing
As the Threat Detection Engineer, you will develop correlation searches and reporting capabilities that result in actionable events of interest. The detection searches created in Splunk and Sentinel must be both performant and accurate and continuously updated to adapt to the ever-changing threat landscape.
Accountabilities
• Deliver the Threat Detection Engineering Use Case backlog
• Use scripting/programming languages to test Use Cases and manage git repos
• Develop and implement Custom of use cases that are not yet covered by existing tools and solutions
• Translate IoC use case requests into optimized technical implementation and translate behavioral analytics use case requests into algorithms to be deployed in CyberDefence technologies
• Work with the wider CyberDefence organization in understanding requirements for detection capabilities and detection logic and able to work with the CyberDefence LT to prioritize work effort
• Be the quality gatekeeper for all new and existing detection use cases, with a focus on minimizing false positives and rework
• Support and develop other CyberDefence extended team members with experience and best practices in a continuous learning environment
• Support activities to embed automated use case testing and validation checks
What you bring
• Has a significant IT security experience and solid engineering background
• Experience with solution building by secure in design principles
• Proven experience in coding or scripting experience in languages
• Provenexperience in Splunk Search Processing Language (SPL), some experience with Microsoft Sentinel Kusto Query Language (KQL) preferred
• SC-200 and or Splunk certifications preferred
• Experience developing Indicators of Compromise (IoC) in Security Information & Event Management (SIEM) platforms
• Experience using Git repositories and knowledge of CI/CD pipelines
• Good technical understanding of common IT services including Azure and AWS cloud, Unix/Linux and Windows servers and client machines, database technologies, firewalls and network devices, popular application suites, etc
• Develops and maintains knowledge of cyber security and maintains an awareness of current developments
• Has excellent written and verbal communication skills and provides well-informed advice to own and others outside the core team
What we offer
You bring your skills and experience to Shell and in return you work with talented, committed people on one of the most important challenges facing our planet. You’ll have the opportunity to develop the skills you need to grow in an environment where we value honesty, integrity, and respect for one another. You’ll be able to balance your priorities as you become the best version of yourself.
• Flexible working hours
• Progress as a person as we work on the energy transition together
• Continuously grow the transferable skills you need to get ahead
• Work at the forefront of technology, trends, and practices
• Collaborate with experienced colleagues with unique expertise
• Achieve your balance in a values-led culture that encourages you to be the best version of yourself
• Perform at your best with a competitive starting salary and annual performance related salary increase – our pay and benefits packages are considered to be among the best in the world
• Take advantage of paid parental leave, including for non-birthing parents
• Join an organisation working to become one of the most diverse and inclusive in the world. We strongly encourage applicants of all genders, ages, ethnicities, cultures, abilities, sexual orientation, and life experiences to apply
Bedrijfsgegevens
Bedrijfs gegevens
Shell
Rolomschrijving en taakafspraken
Het CV en de motivatie dienen aangeboden te worden in het Engels.
Het CV dient in een Word format aangeleverd te worden.
This is for an preffered candidates
What’s the role
The role is part of the CISO (Cyber Information Security Office) in the Information and Digital Technology organization. The Threat Detection Engineering team supports Shell’s CyberDefence team by developing and implementing cyber threat detection capabilities. These capabilities identify adversary tactics, techniques, and procedures (TTPs), enabling swift action on Events of Interest. Input from various CyberDefence teams, including Threat, Detect, Incident, and the Red Team, informs the detection opportunities. Threat Detection Engineering helps to recognize malicious activities in the early stage of the kill chain, providing an opportunity to intervene before significant harm occurs.
What you’ll be doing
As the Threat Detection Engineer, you will develop correlation searches and reporting capabilities that result in actionable events of interest. The detection searches created in Splunk and Sentinel must be both performant and accurate and continuously updated to adapt to the ever-changing threat landscape.
Accountabilities
• Deliver the Threat Detection Engineering Use Case backlog
• Use scripting/programming languages to test Use Cases and manage git repos
• Develop and implement Custom of use cases that are not yet covered by existing tools and solutions
• Translate IoC use case requests into optimized technical implementation and translate behavioral analytics use case requests into algorithms to be deployed in CyberDefence technologies
• Work with the wider CyberDefence organization in understanding requirements for detection capabilities and detection logic and able to work with the CyberDefence LT to prioritize work effort
• Be the quality gatekeeper for all new and existing detection use cases, with a focus on minimizing false positives and rework
• Support and develop other CyberDefence extended team members with experience and best practices in a continuous learning environment
• Support activities to embed automated use case testing and validation checks
What you bring
• Has a significant IT security experience and solid engineering background
• Experience with solution building by secure in design principles
• Proven experience in coding or scripting experience in languages
• Provenexperience in Splunk Search Processing Language (SPL), some experience with Microsoft Sentinel Kusto Query Language (KQL) preferred
• SC-200 and or Splunk certifications preferred
• Experience developing Indicators of Compromise (IoC) in Security Information & Event Management (SIEM) platforms
• Experience using Git repositories and knowledge of CI/CD pipelines
• Good technical understanding of common IT services including Azure and AWS cloud, Unix/Linux and Windows servers and client machines, database technologies, firewalls and network devices, popular application suites, etc
• Develops and maintains knowledge of cyber security and maintains an awareness of current developments
• Has excellent written and verbal communication skills and provides well-informed advice to own and others outside the core team
What we offer
You bring your skills and experience to Shell and in return you work with talented, committed people on one of the most important challenges facing our planet. You’ll have the opportunity to develop the skills you need to grow in an environment where we value honesty, integrity, and respect for one another. You’ll be able to balance your priorities as you become the best version of yourself.
• Flexible working hours
• Progress as a person as we work on the energy transition together
• Continuously grow the transferable skills you need to get ahead
• Work at the forefront of technology, trends, and practices
• Collaborate with experienced colleagues with unique expertise
• Achieve your balance in a values-led culture that encourages you to be the best version of yourself
• Perform at your best with a competitive starting salary and annual performance related salary increase – our pay and benefits packages are considered to be among the best in the world
• Take advantage of paid parental leave, including for non-birthing parents
• Join an organisation working to become one of the most diverse and inclusive in the world. We strongly encourage applicants of all genders, ages, ethnicities, cultures, abilities, sexual orientation, and life experiences to apply
De recruiter
Source
Deel deze opdracht
Meer opdrachten als deze
Plaats jouw bieding op Striive
https://login.striive.com/Voor deze opdracht dien je een bieding te plaatsen op Striive. Striive is het grootste opdrachtenplatform van de Benelux waar jaarlijks meer dan 20.000 opdrachten gepubliceerd worden.