Job Description

:Detection Engineering & Threat Monitoring ? Develop and maintain high-fidelity detection rules using CrowdStrike Falcon, Next-Gen SIEM, and FUSION. ? Leverage CS IDP to detect identity-based threats and lateral movement. ? Write and optimize queries using CrowdStrike Query Language (FQL/CQL) for threat hunting and detection validation. ? Build and tune detections for cloud environments (AWS, Azure, GCP) and integrate with cloud-native logging tools. ? Strong Experience in data engine tools like Cribl for SIEM integration, data processing, normalization, and enrichment to enhance SIEM capabilities. ? CrowdStrike Ecosystem Ownership ? Function as the primary SME for CrowdStrike, including Falcon, IDP, FUSION, and related modules. ? Troubleshoot and resolve sensor deployment issues, agent health problems, and telemetry gaps. ? Serve as the escalation point for CrowdStrike-related errors, automation failures, and detection tuning. ? Collaborate with CrowdStrike support and engineering teams to resolve complex issues and optimize platform performance. ? SOAR Automation & Incident Response ? Design and implement automated response playbooks using SOAR platforms to reduce dwell time and automate/streamline triage. ? Integrate detection outputs with incident response and/or other compliance frameworks as required. ? Threat Modeling & Use Case Development ? Conduct threat modeling for enterprise systems, cloud platforms, and business-critical applications. ? Translate MITRE Telecommunication&CK techniques into actionable detection logic and use cases. ? Collaboration & Mentorship ? Work closely with infrastructure, compliance, and security operations teams to ensure secure operations. ? Mentor junior engineers and analysts on detection engineering, query development, and CrowdStrike best practices.
Location: PAN INDIA