Detection Engineer

Do you wake up each morning, go online and read about what the malicious actors are up to right now? Do you read information about the latest CVE during your breakfast? Are you maybe thinking of how to build detection rules for your favorite SIEM during lunch? Or what you need to do to update your Sysmon configuration to make it better?

Look no further, we have a super technical position that is all about enhancing our services that are playing their part in building a safer digital society.

As a part of the Detection Engineering team, you will work closely with our Threat Intelligence team and our research team. You will continuously improve our detection capabilities for current and new threats. Some of your time will be spent supporting on new customer implementations so that we can guarantee that quality is always achieved.

What exactly are we looking for?

- You must have experience working with blue teaming or any area related to the defensive side. Plus if you have worked on both sides!
- Knowledge of tactics, tools and techniques that are used by attackers (We assume you know what mimikatz is)
- Maybe you have experience in working with EDR or SIEM tools, where perhaps you have created rules to further enhance detection?
- Experience in evaluating forensic reports and can argue why this is important to build better defenses
- Broad understanding of network architecture and network security protocols
- We do a lot of programming, so python is a plus. If you have done apps such as apps for Splunk that is also a plus!
- Have you worked with Microsoft products such as Defender for Endpoint, Sentinel or Sentinel SOAR? This is a huge plus!

As you may have guessed we build a lot of cool stuff, and we agree on the fact that we need to build custom solutions for some of today's problems. Being an engineer is really in our backbone.

Certifications are not important but if you have them, why not show them to us? Your education and background should include experience within the cyber security field.

What if you have simply built a lot of cool stuff at home and you are completely self-taught? That is also super interesting! Come and show us.

Why us?

- Opportunity to work with market leading technology in combination with some of the industry’s most talented experts
- Flexible work environment
- We will provide you with opportunities of development, both within your professional role but also the opportunity to develop within the organization where only your ambitions set the limit!
- A challenger culture that encourages you to be self-driven and curious

The story of Orange Cyberdefense

Orange Cyberdefense is Sweden’s leading company in cyber security. Our vision is to contribute to a safer digital society by fighting different kinds of cybercrimes. We have about 2700 employees worldwide and 390 in Sweden. We offer our customers services within Anticipate, Identity, Protect, Detect and Respond.

At Orange Cyberdefense, we are all different but with the same passion; and that is our greatest strength. We are proud of our individual differences, experiences and histories and are convinced that we must include everyone to offer solutions that protect everyone. That is why we always make sure to treat all applications equally.

How to join us

Join us by sending your application through our application form. The selection is ongoing, and the position can be filled before the last application date. If you have any questions, you are very welcome to contact responsible recruiter Fanny Westergren ([email protected]).