Detection EngineerDelft or Madrid (Remote)Our Global Detection Engineering Team provides detection capabilities for various security products used in our 24/7 managed monitoring service with customers all over the world. This role will be to join our detection engineering team, where you will focus on one of our detection capabilities. You will use our latest Threat Intelligence and your own creativity to write and maintain detection logic for our customers. Previous experience with detection engineering is not a prerequisite. We're looking for a wide range of backgrounds for potential candidates, the exact responsibilities of any candidate can be tailored given their experience and skillset. Any candidate that only partially matches the skillset is encouraged to apply.The OpportunityDevelop new detection logic to contribute to Detection Engineering content repository.Continuously improve existing detection logic.Write and maintain detection tests cases.Review findings of TI, CERT, and Red Team activities and evaluate from a detection engineering improvement perspective.Key AccountabilitiesResearching data sets and potential IOCs for distributionRunning tools/techniques to get dataResearching log sources and data setsWriting rules and alert logicWriting test processes and procedures for the logicMonitoring test output and bug fixingMonitoring the system & data healthAdd global filters to detection logic based on operational feedbackScheduling and deploying new analyticsKeep generic detection lookups consistent with new Detection tools/versionsEnsuring work is up-to-date or trackedMinimum RequirementsProven experience in detection engineering on a range of technologies (SIEM and EDR, ideally NDR as well)ORProven experience in SOC or Managed Detection ServicesORProven experience in Analytically-minded IT Systems administration/Network Administration and looking for a change in career/focus on SecurityANDExcellent oral and written communication skillsAbility to work with client engagement teams and NCC colleagues to continuously improve the service we deliverGood understanding of IT Systems and platforms from a security contextDesirable RequirementsA security mindset and demonstrable experience or knowledge of the contemporary attack tactics and techniques.Forensics or Incident Response competency would be considered valuableStrong knowledge of the latest threats in security or is eager to build this knowledge,Experience with simulating attacks. Certificates such as CEH and OSCP are not required but are a plus.Experience with Endpoint or Network monitoring.Experience with SIEM tools, preferably Splunk and/or Microsoft Sentinel.Experience with Scripting languages such as PowerShell, Python, BashExperience with version control (Git, Azure Dev Ops, etc.)And has knowledge of one or more of the below:Azure or other cloud technologies,Windows Active Directory,Windows Operating System fundamentals,Networking fundamentals.Ways of workingFocusing on Clients and Customers.Working as One NCC.Always Learning.Being Inclusive and Respectful.Delivering Brilliantly.Our companyAt NCC Group, our mission is to create a more secure digital future. That mission underpins everything we do, from our work with our incredible clients to groundbreaking research shaping our industry. Our teams' partner with clients across a multitude of industries, delving into, securing new products, and emerging technologies, as well as solving complex security problems. As global leaders in cyber and escrow, NCC Group is a people-powered business seeking the next group of brilliant minds to join our ranks.Our colleagues are our greatest assets, and NCC Group is committed to providing an inclusive and supportive work environment that fosters creativity, collaboration, authenticity, and accountability. We want colleagues to put down roots at NCC Group, and we offer a comprehensive benefits package, as well as opportunities for learning and development and career growth. We believe our people are at their brilliant best when they feel bolstered in all aspects of their well-being, and we offer wellness programs and flexible working arrangements to provide that vital support.Come join us?What do we offer in return?We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits:⏰Flexible working💸 Financial & InvestmentPensionLife AssuranceShare Save SchemeMaternity & Paternity leave🙋🏾Community & Volunteering Programmes⚡ Green Car Scheme🚴 Cycle Scheme🧑🏻🤝🧑🏻 Employee Referral Program🧘🏻 Lifestyle & Wellness🎓 Learning & Development👨🏿🦽 Diversity & InclusionSo, what’s next?If this sounds like the right opportunity for you, then we would love to hear from you! Click on apply to this job to send us your CV and cover letter and the relevant member of our global talent team will be in touch with you. Alternatively send your details to global.ta@nccgroup.com .About your applicationWe review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.If you do not want us to retain your details, please email global.ta@nccgroup.com. All personal data is held in accordance with the NCC Group Privacy Policy (candidate-privacy-notice-261023.pdf (nccgroupplc.com)). We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process. This role being advertised will be subject to BS7858 screening as a mandatory requirement.
