Detection Engineering & Threat Monitoring
Develop and maintain high-fidelity detection rules using CrowdStrike Falcon, Next-Gen SIEM, and FUSION.
Leverage CS IDP to detect identity-based threats and lateral movement.
Write and optimize queries using CrowdStrike Query Language (FQL/CQL) for threat hunting and detection validation.
Build and tune detections for cloud environments (AWS, Azure, GCP) and integrate with cloud-native logging tools.
Apply strong experience with data-pipeline tools such as Cribl for SIEM integration, data processing, normalization, and enrichment to enhance SIEM capabilities.
CrowdStrike Ecosystem Ownership
Function as the primary SME for CrowdStrike, including Falcon, IDP, FUSION, and related modules.
Troubleshoot and resolve sensor deployment issues, agent health problems, and telemetry gaps.
Serve as the escalation point for CrowdStrike-related errors, automation failures, and detection tuning.
Collaborate with CrowdStrike support and engineering teams to resolve complex issues and optimize platform performance.
SOAR Automation & Incident Response
Design and implement automated response playbooks using SOAR platforms to reduce dwell time and automate/streamline triage.
Integrate detection outputs with incident response processes and with compliance frameworks as required.
Threat Modeling & Use Case Development
Conduct threat modeling for enterprise systems, cloud platforms, and business-critical applications.
Translate MITRE ATT&CK techniques into actionable detection logic and use cases.
Collaboration & Mentorship
Work closely with infrastructure, compliance, and security operations teams to ensure secure operations.
Mentor junior engineers and analysts on detection engineering, query development, and CrowdStrike best practices.
Location: PAN INDIA