Lead Threat Intel Detection Engineer
As a detection engineer on the Threat Intel Detection Engineering (TIDE) team, you will be an integral piece in securing Target against current and future threats. TIDE is a hybrid team of analysts and engineers that works alongside our Strategic Intelligence team. Each engineer is responsible for managing detection platforms and building subject matter expertise on a threat or one or more threat groups. TIDE engineers also develop bespoke solutions for our detection and workflow needs.
While our primary customer is the Cyber Security Incident Response Team (CSIRT), we also build tooling and detection for threat hunting, investigations, and intelligence operations. We have access to the latest technology in EDR (endpoint detection and response) and NSM (network sensor monitoring) as well as open-source cloud platforms.
Don't think you have what it takes to join our team? No worries: our team is a learning environment, and if you have a background in information security, DevOps/engineering, incident response, or threat intelligence, it's likely you could be a member of our team.
Skills that will translate:
- Linux/Windows administration
- ELK engineering & maintenance
- Full-stack development
- Virtual Environments (Docker, OpenStack, etc.)
- Scripting (Python, Bash, AWK, Go)
- Threat Hunting
- Security Orchestration
- Endpoint and Network Detection (YARA, Snort, Suricata, Sysmon)
- Statistical Anomaly Detection
- Machine Learning