Threat Detection Engineer /XDR/ / Pharma /100/ remote/
We are looking for a Threat Detection Engineer to support the cybersecurity operations of a global pharmaceutical company. In this role, you will design, implement, and optimize detection mechanisms that proactively identify malicious activity across on-premise, cloud, and hybrid environments. You will play a key role in strengthening the organization's security posture by leveraging advanced detection technologies, threat intelligence, and cross-team collaboration. This is an opportunity to work alongside Threat Intelligence, Security Operations, and Incident Response teams to stay ahead of an ever-evolving threat landscape.

TASKS & RESPONSIBILITIES:
- Develop and maintain detection rules for Microsoft XDR and other detection platforms.
- Continuously monitor and assess the evolving threat landscape to update detection logic.
- Research and analyze emerging threats, TTPs, and attacker behaviors to improve detection capabilities.
- Build and refine automated workflows and integrations using scripting languages and APIs.
- Collaborate with Threat Intelligence, Incident Response, and other security stakeholders to ensure aligned and effective detection coverage.
- Support tuning and optimization efforts to enhance detection accuracy and minimize false positives.
- Conduct log analysis, endpoint activity reviews, and packet inspection to identify and validate suspicious behaviors.

SKILLS:

Minimum of 3-5 years in cybersecurity roles, such as Threat Hunter or Detection Engineer:
- Threat Detection Expertise:
  - Experience with endpoint detection and response (EDR) solutions (e.g., CrowdStrike, FortiEDR, Defender for Endpoint).
  - Familiarity with behavioral analytics and anomaly detection techniques.
- Threat Intelligence and Analysis:
  - Understanding of threat intelligence sources (e.g., MITRE ATT&CK, D3FEND) and their application in detection strategies.
  - Ability to research and adapt to emerging threats and attack methodologies.
- Programming and Automation:
  - Scripting skills in Python, PowerShell, or Bash for automating security tasks.
  - Experience developing integrations and automated workflows using APIs.
- Cloud and Network Security:
  - Hands-on experience with cloud security tools (e.g., AWS GuardDuty, Azure Security Center).
  - In-depth knowledge of IP networks, firewalls, intrusion detection/prevention systems (IDS/IPS), and packet analysis.
- Operating Systems:
  - Strong knowledge of Linux and Windows internals, including log analysis and common attack vectors.
- Tool Proficiency:
  - Familiarity with open-source tools like Zeek, Falco, Wireshark, and OSQuery.
  - Knowledge of malware analysis tools and techniques.
- Fluent English.

SCHEDULE:
- 08/09h - 17/18h, Monday to Friday (flexible)
- 100% remote (your presence in the client's offices will be required once per month)

CONDITIONS:
- Salary package based on your profile. We will discuss it on our first call.
- Permanent Contract
- Meal vouchers (ticket restaurant) for in-office hours
- Flexible compensation program (medical insurance, public transport pass and childcare vouchers)
- Discounts on gym network (Wellhub)
- Learning & Development
- Friend Referral Program

Our goal is that you are well in every way!

Original job Threat Detection Engineer /XDR/ / Pharma /100/ remote/ posted on GrabJobs ©.