Thermo Fisher
Detection Engineer
When you join us at Thermo Fisher Scientific, you'll be part of a hard-working, driven team that shares your passion for exploration and discovery. With annual revenues over $40 billion and the most significant investment in R&D in the industry, we give our more than 100,000 colleagues the resources and chances to create meaningful contributions to the world.

A Day in the Life:
Collaborate with the Security Operations and Threat Intelligence teams to understand detection needs
Operationalize threat hunting findings by developing and optimizing detection rules
Work with Incident Response and Digital Forensics teams to refine incident identification and dynamically respond to active threats

Keys to Success:
Own the end-to-end process of designing, developing, testing, validating, and tuning detection rules across all relevant security platforms, not just automating responses to existing alerts
Analyze security data sources with a detection-centric mentality, identifying patterns indicative of compromise
Ensure the accuracy, coverage, and efficiency of data sources and detection logic
Optimize the use of existing security tools, including SIEM, EDR, SOAR, and cloud-native security platforms to improve their detection capabilities. This includes writing and managing rules across potentially fragmented toolchains

Education:
Bachelor's Degree in Cybersecurity, Computer Science, Systems Engineering, or related field. Equivalent work experience is acceptable
Certifications not required, but encouraged: GCDA, GCIH, GMON, GCFA, Network+, Security+ or related certifications

Experience:
3+ years of related experience working with cybersecurity operations, threat intelligence, and security frameworks such as MITRE ATT&CK and the Cyber Kill Chain
Experience building SIEM & SOAR workflows highly desired

Knowledge, Skills, Abilities:
Strong understanding of cybersecurity threats, vulnerabilities and attack vectors
Proficiency in scripting languages (Python, PowerShell), data analysis, Detection-as-Code practices, and version control
Independent ability to develop and optimize complicated SIEM queries
Excellent critical thinking, analytical, and problem-solving skills
Understanding of Security Operations Center (SOC) roles and responsibilities
Strong background in networking principles, operating systems, and security tools
Excellent written and verbal communication skills

The salary range estimated for this position based in Maryland is $113,500.00–$170,200.00. This position may also be eligible to receive a variable annual bonus based on company, team, and/or individual performance results in accordance with company policy.

We offer a comprehensive Total Rewards package that our U.S. colleagues and their families can count on, which includes:
A choice of national medical and dental plans, and a national vision plan, including health incentive programs
Employee assistance and family support programs, including commuter benefits and tuition reimbursement
At least 120 hours paid time off (PTO), 10 paid holidays annually, paid parental leave (3 weeks for bonding and 8 weeks for caregiver leave), accident and life insurance, and short- and long-term disability in accordance with company policy
Retirement and savings programs, such as our competitive 401(k) U.S. retirement savings plan
Employees' Stock Purchase Plan (ESPP) offers eligible colleagues the opportunity to purchase company stock at a discount

For more information on our benefits, please visit: https://jobs.thermofisher.com/global/en/total-rewards