Detection engineers (defensive specialists/blue teamers) at FalconForce are experienced consulting professionals who deliver high-quality defensive security services around the world. In small teams, you will work with our offensive specialists and our clients to help them become resilient against digital attacks, and you will also deliver hands-on R&D to increase the quality of our services and contribute to the community. Your mission: detecting advanced threat actors in complex IT environments.
- At least 5 years of hands-on experience with detection engineering, hunting and/or incident response.
- Willingness and capability to research complex topics and publish/speak about them publicly.
- Good understanding of mitigation options in an enterprise environment.
- Ability to do deep technical research and produce implementable content, suitable to an enterprise environment.
- Good understanding of infrastructure and architectural best practices / hardening baselines.
- Experience with Azure cloud, Microsoft Defender suite and specifically Azure Sentinel; or a clear ambition and skillset to become an SME in this area quickly.
- Hands-on coding experience with PowerShell, Python, or .NET. Especially helpful if this is related to automation.
- Deep understanding of Windows internals (Linux and/or Mac is a valuable nice-to-have).
- You do not shy away from building your own lab or developing a validation pipeline.
Please apply if you recognize yourself in the following. You:
- Bring the best of offensive and/or defensive technical security skills.
- Enjoy working cross-domain with other technical specialists.
- Have sharp analytical, innovation and pragmatic problem-solving skills.
- Possess an inquisitive mindset – you really want to know how something works.
- Are excited about doing hands-on R&D/tool development.
- Love sharing knowledge with the community via publications or talks.
- Have the highest ethical standards that are required for the sensitive work we do.
- Can manage day-to-day responsibilities with a mix of remote and onsite teams.
- Live in the Netherlands and hold an EU passport. We are open to discussing remote working from an EU country.
- Have a high level of proficiency in business English.
- Dare to ask the hard questions ;-)
Want to hear more about what we do, where we want to go, and see if there’s a match? Please drop us an email at firstname.lastname@example.org with your CV (in PDF format) and meet us!
Please note: acquisition based on this vacancy is not appreciated.