Job Description
We are looking for a Threat Detection Engineer to support the cybersecurity operations of a global pharmaceutical company. In this role, you will design, implement, and optimize detection mechanisms that proactively identify malicious activity across on-premise, cloud, and hybrid environments. You will play a key role in strengthening the organization’s security posture by leveraging advanced detection technologies, threat intelligence, and cross-team collaboration. This is an opportunity to work alongside Threat Intelligence, Security Operations, and Incident Response teams to stay ahead of an ever-evolving threat landscape.
TASKS & RESPONSIBILITIES : • Develop and maintain detection rules for bolthires XDR and other detection platforms. • Continuously monitor and assess the evolving threat landscape to update detection logic. • Research and analyze emerging threats, TTPs, and attacker behaviors to improve detection capabilities. • Build and refine automated workflows and integrations using scripting languages and APIs. • Collaborate with Threat Intelligence, Incident Response, and other security stakeholders to ensure aligned and effective detection coverage.
• Support tuning and optimization efforts to enhance detection accuracy and minimize false positives. • Conduct log analysis, endpoint activity reviews, and packet inspection to identify and validate suspicious behaviors. SKILLS : Minimum of 3-5 years in cybersecurity roles, such as Threat Hunter or Detection Engineer: • Threat Detection Expertise: • Experience with endpoint detection and response (EDR) solutions (e.g., CrowdStrike, FortiEDR, Defender for Endpoint). • Familiarity with behavioral analytics and anomaly detection techniques.
• Threat Intelligence and Analysis: • Understanding of threat intelligence sources (e.g., MITRE ATT&CK, D3FEND) and their application in detection strategies. • Ability to research and adapt to emerging threats and attack methodologies. • Programming and Automation: • Scripting skills in Python, PowerShell, or Bash for automating security tasks. • Experience developing integrations and automated workflows using APIs. • Cloud and Network Security: • Hands-on experience with cloud security tools (e.g., AWS GuardDuty, Azure Security Center).
• In-depth knowledge of IP networks, firewalls, intrusion detection/prevention systems (IDS/IPS), and packet analysis. • Operating Systems: • Strong knowledge of Linux and Windows internals, including log analysis and common attack vectors. • Tool Proficiency: • Familiarity with open-source tools like Zeek, Falco, Wireshark, and OSQuery. • Knowledge of malware analysis tools and techniques. • Fluent English. SCHEDULE : • 08/09h -17/18h from Monday to Friday (flexible) • 100% remote (your presence in the client's offices will be required once per month) CONDITIONS : • Salary package based on your profile.
We will discuss it on our first call. • Permanent Contract • Ticket restaurant included in-office hours • Flexible Retribution Program (medical insurance, public transport ticket and childcare check) • Discounts on gym network (Wellhub) • Learning & Development • Friend Referral Program
Our goal is that you are well in every way! Original job Threat Detection Engineer /XDR/ / Pharma /100/ remote/ posted on GrabJobs ©. To flag any issues with this job please use the Report Job button on GrabJobs. Apply tot his job Apply tot his job