Senior Threat Detection Analyst
Kaseya
Kaseya® is the leading provider of complete IT infrastructure and security management solutions for Managed Service Providers (MSPs) and internal IT organizations worldwide powered by AI. Kaseya’s best-in-breed technologies allow organizations to efficiently manage and secure IT to drive sustained business success. Kaseya has achieved sustained, strong double-digit growth over the past several years and is backed by Insight Venture Partners www.insightpartners.com), a leading global private equity firm investing in high-growth technology and software companies that drive transformative change in the industries they serve.
Founded in 2000, Kaseya currently serves customers in over 20 countries across a wide variety of industries and manages over 15 million endpoints worldwide. To learn more about our company and our award-winning solutions, go to www.Kaseya.com and for more information on Kaseya’s culture, please click here: Kaseya Culture.
Kaseya is not your typical company. We are not afraid to tell you exactly who we are and our expectations. We have achieved record levels of success being BOLD, being GRITTY, being ACCOUNTABLE. The thousands of people that succeed at Kaseya are prepared to go above and beyond for the betterment of our customers, and the betterment of their careers and long-term financial wealth.
WHAT YOU’LL DO:
As a Senior Detection Engineer at Kaseya, you'll be on the cutting edge of cybersecurity, tasked with researching, building, and maintaining high-confidence detection logic for our security monitoring products. You’ll dive deep into the latest cyber threats, malware, and adversary techniques, then apply that research to build detection rules and analytics that keep our customers protected. You’ll collaborate with security product teams, validate detection logic, and serve as a senior technical resource during active incident responses. If you love working with complex security problems and are passionate about developing detection solutions that can stop adversaries in their tracks, this is the role for you!
WHAT WE ARE LOOKING FOR:
We’re looking for a seasoned detection engineer with a deep understanding of malware analysis, adversary tactics, and detection engineering. You’ll report to the Director of Security Operations and work closely with other security teams to ensure Kaseya's security products have the most effective detection capabilities in the industry. The ideal candidate will bring a strong foundation in computer networking, cyber operations, and detection engineering, combined with the drive to build and improve security tools that help customers mitigate advanced threats.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Threat Research: Conduct in-depth research into the latest malware and adversary tactics, techniques, and procedures (TTPs) to stay ahead of emerging threats.
- Detection Logic Development: Build, tune, and maintain detection analytics, rules, and countermeasures for our security products, including Endpoint Detection and Response (EDR).
- Simulate Attacks: Perform adversary attack simulations to validate detection logic and improve detection accuracy and efficiency.
- Collaborate with Product Teams: Work closely with security product teams to identify coverage gaps and areas for improving detection within Kaseya’s security offerings.
- Incident Response Support: Serve as a senior technical resource to Security Operations Centers (SOC) during active response efforts, providing expertise on detection capabilities and how they can be used to thwart adversaries.
WHAT YOU’LL BRING:
- Experience:
- At least 5 years working in networking administration and computer networking.
- A minimum of 2 years working in cyber operations, including SIEM and EDR monitoring, triage, incident response, threat hunting, and forensics.
- 2+ years of hands-on experience developing detection analytics, SIEM/EDR rules, and related content.
- Cybersecurity Knowledge:
- Familiarity with common malware families and adversary Tactics, Techniques, and Procedures (TTPs), especially frameworks like MITRE ATT&CK™.
- General knowledge of Windows, Linux, and macOS operating system internals.
- Technical Proficiency:
- Proficiency in using regex and SQL query languages.
- Experience using offensive testing tools like Cobalt Strike, Mimikatz, Metasploit, or Atomic Red Team (a nice-to-have).
DESIRED SKILLS:
- Education: A Bachelor's degree or equivalent IT work experience.
- Threat Hunting & Data Analytics: Working knowledge of threat hunting and data analytics tools like Elastic, Athena, Snowflake, or other SQL-based databases.
- Scripting Skills: Proficiency with scripting languages like Bash, PowerShell, and Lua (nice-to-have).
- Incident Response Experience: Experience in Digital Forensics and Incident Response (DFIR).
- Certifications: One or more of the following certifications would be a plus: GCFA, GCFE, GREM, GNFA, or OSCP.
Join the Kaseya growth rocket ship and see how we are #ChangingLives !
Additional information
Kaseya provides equal employment opportunity to all employees and applicants without regard to race, religion, age, ancestry, gender, sex, sexual orientation, national origin, citizenship status, physical or mental disability, veteran status, marital status, or any other characteristic protected by applicable law.