Work Schedule
First Shift (Days)
Environmental Conditions
Office
Job Description
When you join us at Thermo Fisher Scientific, you'll be part of a hard-working, driven team that shares your passion for exploration and discovery. With annual revenues over $40 billion and the most significant investment in R&D in the industry, we give our more than 100,000 colleagues the resources and chances to create meaningful contributions to the world.
Location/Division Specific Information
The Detection Engineer works with existing and new data sources to proactively identify sophisticated threats that may evade security controls. This role bridges the gap between cyber threat intelligence and real-time operational security by crafting high-fidelity actionable alerts from Indicators of Compromise (IOCs) and knowledge of adversary Tactics, Techniques and Procedures (TTPs).
A Day in the Life:
Collaborate with the Security Operations and Threat Intelligence teams to understand detection needs
Operationalize threat hunting findings by developing and optimizing detection rules
Work with Incident Response and Digital Forensics teams to refine incident identification and dynamically respond to active threats
Keys to Success:
Own the end-to-end process of designing, developing, testing, validating, and tuning detection rules across all relevant security platforms, not just automating responses to existing alerts
Analyze security data sources with a detection-centric mentality, identifying patterns indicative of compromise
Ensure the accuracy, coverage, and efficiency of data sources and detection logic
Optimize the use of existing security tools, including SIEM, EDR, SOAR, and cloud-native security platforms to improve their detection capabilities. This includes writing and managing rules across potentially fragmented toolchains
Education
Bachelor's Degree in Cybersecurity, Computer Science, Systems Engineering, or related field. Equivalent work experience is acceptable
Certifications not required, but encouraged: GCDA, GCIH, GMON, GCFA, Network+, Security+ or related certifications
Experience
3+ years of related experience working with cybersecurity operations, threat intelligence, and security frameworks such as MITRE ATT&CK and the Cyber Kill Chain
Experience building SIEM & SOAR workflows highly desired
Knowledge, Skills, Abilities
Strong understanding of cybersecurity threats, vulnerabilities and attack vectors
Proficiency in scripting languages (Python, PowerShell), data analysis, Detection-as-Code practices, and version control
Independent ability to develop and optimize complicated SIEM queries
Excellent critical thinking, analytical, and problem-solving skills
Understanding of Security Operations Center (SOC) roles and responsibilities
Strong background in networking principles, operating systems, and security tools
Excellent written and verbal communication skills
Compensation and Benefits
The salary range estimated for this position based in Maryland is $113,500.00–$170,200.00. This position may also be eligible to receive a variable annual bonus based on company, team, and/or individual performance results in accordance with company policy. We offer a comprehensive Total Rewards package that our U.S. colleagues and their families can count on, which includes:
A choice of national medical and dental plans, and a national vision plan, including health incentive programs
Employee assistance and family support programs, including commuter benefits and tuition reimbursement
At least 120 hours paid time off (PTO), 10 paid holidays annually, paid parental leave (3 weeks for bonding and 8 weeks for caregiver leave), accident and life insurance, and short- and long-term disability in accordance with company policy
Retirement and savings programs, such as our competitive 401(k) U.S. retirement savings plan
Employees’ Stock Purchase Plan (ESPP) offers eligible colleagues the opportunity to purchase company stock at a discount
For more information on our benefits, please visit: https://jobs.thermofisher.com/global/en/total-rewards