Security Developer/Researcher - NDR/IPS/IDS (Network)

As a Detection Engineer in the MDR team, your role is to design, develop, and optimize high-fidelity security detections across network, endpoint, and cloud environments. Your deep expertise in networking, protocols, and threat detection will help in solving complex security challenges and improving threat visibility for customers. Key Responsibilities: - Design, develop, tune, and optimize detections focusing on NDR/IDS/IPS detections, anomaly-based and behavioral-based detections. - Research emerging network-based threat vectors and convert them into effective security detections. - Perform in-depth analysis of network traffic and protocols like TCP/IP, DNS, HTTP, etc. - Write, review, and optimize Suricata/Snort rules. - Leverage MITRE ATT&CK, PCAP analysis, and threat intelligence feeds to enhance detection coverage. - Collaborate with MDR analysts and engineering teams to address complex detection and security challenges. - Contribute to enhancing detection quality, coverage, and performance continuously. Required Skills & Experience: - 4+ years of hands-on detection authoring experience, primarily in network security. - Strong understanding of networking fundamentals, protocols, IDS/IPS/NDR technologies, and network-related security domains. - Proven ability to research threats and develop detections for network-based attack techniques. - Experience with MITRE ATT&CK, PCAPs, and threat intelligence feeds. - Working knowledge of third-party firewalls, IDS/IPS, and network edge devices, including PAN, Cisco, Fortinet. - Development & Engineering Experience: - Proficiency in at least two of the following languages or practices: Python, Go, Java, or C/C++. - Familiarity with Test-Driven Development (TDD), DevOps tools, secure development best practices. - Cloud development experience in AWS, Azure, or GCP, including Kubernetes/Containers, IaaS, and key PaaS services. - Knowledge of Agile methodologies (Scrum/Kanban). (Note: No additional details of the company were provided in the job description),