
We are looking for a Detection Engineer with AI exposure.
Client: Cybersecurity Firm
Company Head office: Dubai, UAE
Employment Type: Full-Time
Role Purpose
Own the technical onboarding and telemetry readiness that powers the MDR service. Ensure every client environment delivers clean, complete, and actionable data into the MDR platform from day one.
Detection Engineering (Core Focus)
Design and develop custom detection rules from scratch using endpoint, network, and cloud telemetry
Translate MITRE ATT&CK techniques into actionable detection logic
Build detections based on:
Process execution patterns
Command-line analysis
Parent-child relationships
DLL loads and memory behaviors
Network anomalies
Threat Behavior Modeling
Analyze attacker tactics, techniques, and procedures (TTPs)
Convert threat intelligence into practical detection use cases
Continuously refine detections to reduce false positives
Detection Implementation
Implement detection logic across platforms such as:
Microsoft Defender for Endpoint
CrowdStrike Falcon
SentinelOne
SIEM tools (e.g., Microsoft Sentinel, Splunk)
Work with:
KQL (Kusto Query Language)
Sigma rules
EDR custom detection frameworks
Threat Hunting & Validation
Proactively hunt for threats using hypothesis-driven approaches
Validate detection rules through:
Simulated attack scenarios
Red team / purple team exercises
Continuous Improvement
Tune detection rules for:
Accuracy
Performance
Scalability
Eliminate alert fatigue by improving signal-to-noise ratio
Job ID: 146870515