16 Suricata Jobs

Job Title: Threat Intelligence & Incident Response Engineer Key Responsibilities: Configure and manage Suricata IDS/IPS sensors for network monitoring. Deploy and integrate TheHive for case management and IR automation. Set up MISP for threat intelligence feeds and correlation with SOC events. Work with Wazuh & ElasticSearch to correlate logs with IDS and TI data. Develop automated SOC workflows ( SOAR-style ) for incident triage and escalation. Conduct threat hunting and provide insights to improve detection rules. Requirements: Hands-on experience with Suricata , TheHive , MISP (any two required, all three ideal). Strong background in log analysis and incident response . Familiarity with M...

As a Detection Engineer in the MDR team, your role is to design, develop, and optimize high-fidelity security detections across network, endpoint, and cloud environments. Your deep expertise in networking, protocols, and threat detection will help in solving complex security challenges and improving threat visibility for customers. Key Responsibilities: - Design, develop, tune, and optimize detections focusing on NDR/IDS/IPS detections, anomaly-based and behavioral-based detections. - Research emerging network-based threat vectors and convert them into effective security detections. - Perform in-depth analysis of network traffic and protocols like TCP/IP, DNS, HTTP, etc. - Write, review, and...

As a Threat Researcher at our company, you will be responsible for identifying cyber threats, dissecting code, and reverse engineering malware. You will work semi-autonomously to conduct research, produce concise written analysis, and create visual presentations of your findings. Additionally, you will collaborate with clients to provide innovative detection and eradication solutions, ultimately reducing risk to their networks and operations. We are seeking passionate self-starters who can quickly grasp and fulfill company and customer requirements. **Key Responsibilities:** - Examine malicious software to identify new techniques and exploit targets on behalf of client intelligence needs - P...

As an experienced Network Security Engineer, you will be responsible for deploying various Open-Source Network Security Solutions, integrating relevant components, and optimizing performance and rules set. Your role will involve event-driven process flow and actions customization of IPC and enrichments, as well as system engineering for reliability and system performance improvement. Additionally, you will conduct research on new approaches and contribute to IP creation. Key Responsibilities: - Work on Network Security Products such as IDS / IPS, Next Generation Firewall - Product Development / Solution Engineering - Handle IP networking, IP networking Protocols, Computer System internals, I...

Key Responsibilities: Perform incident analysis and escalate when necessary. Document findings for seamless handover to L3 or other responders. Conduct threat research and data analysis. Coordinate with IT/Application/Infrastructure teams for issue resolution. Execute deep dives and threat hunts; propose corrective actions. Develop detection use cases based on threat intelligence. Analyze malware sandbox results and phishing campaigns. Tune detection rules and improve playbooks. Mandatory Skills & Tools: SIEM & EDR Tools: Azure Sentinel, Microsoft Defender Suite (E5 stack), Defender for Endpoint, Identity, O365, CloudApps, Defender for Cloud Query Languages: KQL, MS-KQL, SPL, ArcSight Networ...

Application Security Perform security reviews, code audits, and threat modeling of web and mobile applications. Work with DevOps and development teams to integrate secure coding practices and tools (e.g., SAST, DAST, SCA). Conduct penetration testing and vulnerability assessments on internal and external applications. Remediate OWASP Top 10 and other emerging threats. Infrastructure & Server Security Harden Linux and Windows servers following CIS/NIST benchmarks. Implement endpoint security solutions (AV, EDR, MDM). Monitor, detect, and respond to system anomalies and unauthorized access. Manage patching and update cycles in coordination with system teams. Network Security Secure network arc...

Responsibilities: Teach Red & Blue Team topics: Ethical Hacking, SOC, SIEM, IR, AI Conduct labs using Kali, Burp, Wireshark, Suricata, OpenVAS Mentor in Threat Hunting, Splunk/ELK Design CTFs & labs Send resume to recruiter@cyberspotacademy.com

About The Job At Arctic Wolf, we're not just navigating the cybersecurity landscape - we're redefining it. Our global team of dedicated Pack members is driving innovation and setting new industry standards every day. Our impact speaks for itself: we've earned recognition on the Forbes Cloud 100, CNBC Disruptor 50, Fortune Future 50, and Fortune Cyber 60 lists, and we recently took home the 2024 CRN Products of the Year award. We're proud to be named a Leader in the IDC MarketScape for Worldwide Managed Detection and Response Services and earning a Customers Choice distinction from Gartner Peer Insights . Our Aurora Platform also received CRN's Products of the Year award in the inaugural Secu...

As a Network Security Engineer at our company in Bangalore, India, you will play a crucial role in ensuring the organization's network security. Your expertise in offensive cybersecurity and threat detection will be vital in protecting the organization's assets. - Perform comprehensive security assessments and penetration testing to identify vulnerabilities and risks. - Develop and implement effective offensive cybersecurity strategies to safeguard the organization's assets. - Monitor and analyze network traffic to detect and respond to potential threats. - Write, update, and optimize Suricata or Snort signatures to enhance threat detection capabilities. - Collaborate with IT teams to evalua...

Calix is hiring Security Researcher to join their Threat Intelligence team in Bangalore. The successful candidates will lead efforts in identifying, analyzing, and mitigating network threats. Develop and implement advanced threat detection and prevention strategies. Additionally, they will enhance threat detection capabilities through various research activities. In this role, you will collaborate with the security engineering and threat intelligence teams to support the development, validation, and research of network intrusion detection capabilities. Your contributions will directly impact the enhancement of threat detection signatures, research of emerging threats, and improvement of inte...

Own threat detection, response, and hardening across cloud and endpoint estates. Design/operate SIEM/XDR/SOAR with detection engineering mapped to MITRE ATT&CK, and automate triage using GenAI for alert summarisation, enrichment, and knowledge search. Build Sigma rules, integrate EDR/telemetry (CrowdStrike, Defender, Sentinel/Splunk/Chronicle), and run purple-team exercises to close gaps. Champion Zero Trust, secrets hygiene, and incident runbooks with AI-assisted updates. Measure MTTA/MTTR, detection coverage, and control efficacy. Keywords: SIEM/XDR/SOAR operations and rule tuning (Sentinel/Splunk/Chronicle + EDR)Detection engineering mapped to ATT&CK Sigma/YARA authoring GenAI for alert t...

Key Responsibilities: Monitor network traffic to detect malicious or anomalous activity using NDR solutions (e.g., Darktrace, Vectra, ExtraHop, Corelight). Configure, maintain, and fine-tune NDR tools to optimize detection capabilities and minimize false positives. Conduct deep-dive analysis of network events to identify indicators of compromise (IoCs) and tactics, techniques, and procedures (TTPs). Collaborate with SOC analysts, threat hunters, and other teams to contain and remediate threats. Perform forensic investigations of network packets and flows using tools such as Wireshark, Zeek, or Suricata. Develop detection rules, playbooks, and alerting mechanisms aligned with MITRE ATT&CK fra...

We are seeking a Threat Researcher to join our Threat Research team and contribute to the identification of cyber threats, code dissection, and malware reverse engineering. As a Threat Researcher, you will be responsible for conducting research semi-autonomously, generating concise written analyses and visual presentations of findings, and collaborating with clients to deliver innovative detection and eradication solutions to mitigate risks to their networks and operations. The ideal candidate should exhibit technical expertise and a proactive mindset to understand and meet company and customer requirements effectively. Your responsibilities will include: - Analyzing malicious software to di...

You will be responsible for deploying various Open-Source Network Security Solutions and integrating relevant components to ensure system reliability and performance improvement. Your role will involve performance optimization, customization of event-driven process flows, and actions for IPC and enrichments. Additionally, you will be required to conduct research on new approaches and contribute to IP creation. To excel in this role, you must possess rich experience in working with Network Security Products such as IDS/IPS, Next Generation Firewall, and have a background in product development/solution engineering. Your expertise should include IP networking, IP networking protocols, computer...

Analyze network logs for insights Identify sessions, protocols & anomalies Perform DNS/HTTP/FTP/SMTP/SIP/VPN analysis Build Python/SQL scripts for data parsing Create structured investigative reports Ensure confidentiality & secure handling

Application Security Perform security reviews, code audits, and threat modeling of web and mobile applications. Work with DevOps and development teams to integrate secure coding practices and tools (e.g., SAST, DAST, SCA). Conduct penetration testing and vulnerability assessments on internal and external applications. Remediate OWASP Top 10 and other emerging threats. Infrastructure & Server Security Harden Linux and Windows servers following CIS/NIST benchmarks. Implement endpoint security solutions (AV, EDR, MDM). Monitor, detect, and respond to system anomalies and unauthorized access. Manage patching and update cycles in coordination with system teams. Network Security Secure network arc...