Job Description
Description
NCC Group is looking for a Detection Engineer to join the Detection Engineering team. The role will focus on developing, maintaining, and improving Splunk-based security detections across cloud, infrastructure, and custom log sources.
The successful candidate will help turn security risks, threat models, assurance requirements, and log sources into practical detections that can be deployed, tuned, and documented.
The successful candidate will help turn security risks, threat models, assurance requirements, and log sources into practical detections that can be deployed, tuned, and documented.
Key Responsibilities
- Develop and maintain detections using Splunk SPL.
- Analyse logs from cloud, infrastructure, application, gateway, Linux, SSH, CDN, vulnerability management, and audit sources.
- Create detections for areas such as:
- cloud security monitoring and cloud control-plane activity,
- infrastructure, platform, and access-related security events,
- bespoke assurance use cases based on customer-specific log sources,
- suspicious or anomalous act...