Experian
Senior Threat Detection Engineer
This job is now closed
Job Description
- Req#: REF13180J
- Develop and maintain high-quality threat detection rules, queries, and alerts based on identified use cases, threat scenarios, and structured threat intelligence, including MITRE ATT&CK™ Tactics, Techniques and Procedures (TTPs).
- Leverage the MITRE ATT&CK™ Framework and other forms of structured threat intelligence to enhance detection capabilities, develop contextualized alerts, and improve overall security posture.
- Create and implement automated workflows and playbooks in tools such as Swimlane to enhance incident response capabilities and streamline security operations.
- Collaborate closely with cross-functional teams, including Security Operations Center (SOC) analysts, Incident Responders and Threat Intelligence researchers to understand and respond to emerging threats.
- Continuously research and stay up to date with the latest cyber threats, attack vectors, and methodologies to improve detection capabilities.
- Evaluate and recommend new security tools, techniques, and processes to enhance the organization's threat detection and response capabilities.
- Conduct regular reviews and assessments of detection rules and automated workflows to ensure optimal performance, effectiveness, and accuracy.
- Participate in incident response activities and provide subject matter expertise when required.
- Develop and maintain documentation related to threat detection and automation processes and procedures aligning to leading practices.
- Provide training and guidance to team members to enhance their understanding of threat detection methodologies, automation techniques, and structured threat intelligence.
- 3+ years of information security related experience, in areas such as: security operations, incident analysis, incident handling, vulnerability management or testing, system patching, log analysis, intrusion detection, or security device administration.
- Proficiency in Splunk or other SIEM tools, including rule creation, query writing, and alert management.
- Experience with Swimlane or other SOAR platforms and implementing automated workflows and playbooks.
- In-depth packet analysis skills, core forensic familiarity, incident response skills, and data fusion skills based on multiple security data sources.
- Scripting and automation.
- System administration on Unix, Linux, or Windows.
- Network forensics, logging, and event management.
- Defensive network infrastructure (operations or engineering).
- Vulnerability assessment and penetration testing concepts.
- Malware analysis concepts, techniques, and reverse engineering.
- In-depth knowledge of network and host security technologies and products (such as firewalls, network IDS, and scanners), with a commitment to continuously improving these skills.
- Security monitoring technologies, such as WAF, Web Proxies, UEBA, DLP, among others.
- Strong understanding of MITRE ATT&CK™ framework, cyber threat landscapes, attack vectors and threat actors.
- Familiarity with common cybersecurity frameworks such as NIST, other leading practices, and industry standards.
- Relevant security certifications such as CISSP, GCIH, GCIA, or similar are highly desirable.
- Strong analytical and problem-solving skills, with the ability to identify and prioritize critical issues.
- Excellent written and verbal communication skills, with the ability to clearly explain complex security concepts to both technical and non-technical audiences.
- Ability to lead content discussion around incident investigation efforts and effectively coordinate communications.
- Demonstrated ability to work in a team environment, able to train and coach other team members.
- Strong logical thinking abilities, especially with content logic.
- Excellent analytical and problem-solving abilities.
- Excellent organizational skills and attention to detail in tracking activities across various Security Operations workflows.
- Well-established client-focused communication skills: the ability to read, review, investigate, and summarize reports on complex issues in a manner that non-technical readers can understand.
- A bachelor’s degree is not required, but a degree program with an emphasis on the technical aspects of cybersecurity is very beneficial.
About us, but we’ll be brief
Experian is the world’s leading global information services company, unlocking the power of data to create more opportunities for consumers, businesses and society. We are thrilled to share that FORTUNE has named Experian one of the 100 Best Companies to work for. In addition, for the last five years we’ve been listed as one of the 100 “World’s Most Innovative Companies” by Forbes Magazine.
The Threat Detection Engineering team within the global security operations center (GSOC) is responsible for developing and maintaining high-quality threat detection rules informed by the most critical threats targeting Experian. The Cyber Threat Detection Engineer role is primarily responsible for:
1. Maintaining and tuning high-fidelity, low-noise alerts to effectively identify and prioritize critical issues, minimizing false positives and enhancing the overall security posture of Experian.
2. Coordinating new use cases entering the ecosystem to detect threats mapped to the MITRE ATT&CK Framework, prioritized by cyber threat intelligence and situational awareness.
Duties include:
Demonstrates expert technical skills that are needed to defend the enterprise environment, such as:
Demonstrates behavioral skills, such as:
Education
Culture at Experian
Our uniqueness is that we truly value yours.
Experian's culture, people, and environments are key differentiators. We take our people's agenda very seriously. We focus on what truly matters; diversity and inclusion, work/life balance, flexible work, development, engagement, collaboration, wellness, rewards & recognitions, volunteering... the list goes on!
Our benefits include: Medical, life and dental insurance, Asociacion Solidarista, International Share Save Plan, Flex Work/Work from home, Paid time off, Annual Performance Bonus, Education Reimbursement, Family Bonding, Bereavement Leave, Referral Program, and more.
Experian Careers - Creating a better tomorrow together
Find out what it's like to work for Experian by clicking here
Experian is proud to be an Equal Opportunity and Affirmative Action employer. Our goal is to create a thriving, inclusive and diverse team where people love their work and love working together. We believe that diversity, equity and inclusion is essential to our purpose of creating a better tomorrow. We value the uniqueness of every individual and want you to bring your whole, authentic self to work. For us, this is The Power of YOU and it ensures that we live what we believe.
About the company
Experian plc is an Anglo-Irish multinational consumer credit reporting company.
Notice
Talentify is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.
Talentify provides reasonable accommodations to qualified applicants with disabilities, including disabled veterans. Request assistance at accessibility@talentify.io or 407-000-0000.
Federal law requires every new hire to complete Form I-9 and present proof of identity and U.S. work eligibility.
An Automated Employment Decision Tool (AEDT) will score your job-related skills and responses. Bias-audit & data-use details: www.talentify.io/bias-audit-report. NYC applicants may request an alternative process or accommodation at aedt@talentify.io or 407-000-0000.