Posted 4 weeks ago
Security Developer / Researcher - Detection
at Arctic Wolf
Bengaluru, India (Remote)
Responsibilities
- Develop and maintain Python and YAML-based detections, software, and supporting systems
- Research and develop expertise across multiple threat surfaces and telemetry sources
- Design and improve behavioral, anomaly-based, and signature-based detections
- Continuously tune and optimize detections to improve quality, scale, and performance
- Propose coverage and efficacy improvements across the detection surface
- Collaborate with team members to develop novel detection methodologies and continuously improve existing detections
- Build runbooks, reports, and supporting operational material for detection surfaces
- Write clean, efficient, reusable, and secure Python code
- Conduct code reviews and provide constructive feedback to improve code quality and maintainability
- Optimize application and detection performance while ensuring scalability and reliability
- Conduct duties in accordance with Arctic Wolf information security policies, standards, and controls
Requirements
- Debug and resolve issues within existing Python codebases and detection systems
- Develop an understanding of the Arctic Wolf platform and Security Services delivery model
- You have hands-on experience as a Detection Developer or Security Developer
- You have experience developing projects using Python or YAML
- You have experience working with operating system telemetry including Windows Security logs, Sysmon, and Linux telemetry
- You have experience with Windows PowerShell monitoring and detection development
- You have experience building Security Information and Event Management detections
- You have experience developing endpoint detection and response detections or signatures
- You have experience working with Sigma and YARA rules
- You have experience developing anomaly-based and behavioral detections
- Professional certifications in security or cloud technologies such as Certified Information Systems Security Professional, GIAC Certified Forensic Analyst, GIAC Reverse Engineering Malware, or related certifications