JustJoin.IT Hybrid Mid New

Cyber Security Engineer (Detection Content Engineer)

Bayer Sp. z o.o.

⚲ WARSAW

15 360 - 19 200 PLN gross (UoP, employment contract)

Requirements

  • SIEM

Job description

For Digital Hub Warsaw, we are looking for: Detection Content Engineer (SIEM – Sentinel)

We are seeking a skilled and motivated Detection Content Engineer to join our Security Operations team. The ideal candidate will be responsible for developing, implementing, and maintaining detection content for our Security Information and Event Management (SIEM) system, specifically Microsoft Sentinel. This role is critical in enhancing our security posture by identifying and mitigating potential threats through effective detection strategies. Additionally, the Detection Content Engineer will support hygiene topics by collaborating with system owners to review and adjust security policies as needed.

Key Tasks & Responsibilities:

• Detection Content Development:
  - Design, develop, and implement detection rules, alerts, and analytics within Microsoft Sentinel to identify anomalous behavior and potential security incidents.
  - Collaborate with threat intelligence teams to incorporate the latest threat indicators and tactics into detection content.
  - Conduct regular reviews and tuning of detection rules to minimize false positives and ensure high accuracy in alerting.
  - Analyze historical incident data to identify gaps in detection and recommend improvements.
• Policy Hygiene Support:
  - Identify and review existing security policies related to detection and incident response.
  - Collaborate with providers and system owners to adjust policies as necessary to enhance security hygiene and ensure alignment with best practices.
  - Ensure that all detection content complies with organizational policies and regulatory requirements.
• Incident Response Support:
  - Work closely with the Security Operations Center (SOC) team to understand incident response workflows and ensure detection content aligns with operational needs.
  - Provide expertise and support during security incidents to refine and improve detection capabilities.
• Documentation and Reporting:
  - Create and maintain comprehensive documentation for all detection rules, including purpose, logic, and operational procedures.
  - Generate reports on detection efficacy and provide insights on trends and emerging threats.
• Collaboration and Training:
  - Collaborate with cross-functional teams to ensure alignment on security objectives and strategies.
  - Provide training and guidance to SOC analysts on detection content and best practices.

Qualifications & Competencies (education, skills, experience):

• Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent work experience.
• 4+ years of experience in cybersecurity, with a focus on detection engineering or incident response.
• Hands-on experience with Microsoft Sentinel or similar SIEM platforms.
• Proficiency in developing Kusto Query Language (KQL) queries for data analysis and alert creation in Sentinel.
• Strong understanding of security concepts, threat detection methodologies, and incident response processes.
• Relevant certifications (e.g., CISSP, GCIH) are a plus.
• Strong analytical and problem-solving skills with attention to detail.
• Excellent communication skills, both written and verbal.
• Ability to work independently and collaboratively in a fast-paced environment.
• A proactive mindset with a passion for continuous learning and improvement in cybersecurity practices.
What we offer:

• A flexible, remote-hybrid work model
• Great workplace in a new modern office in Warsaw
• Career development, 360° Feedback & Mentoring programme
• Wide access to professional development tools, trainings & conferences
• Company Bonus & Reward Structure
• VIP Medical Care Package (including Dental & Mental health)
• Holiday allowance (“Wczasy pod gruszą”)
• Life & Travel Insurance
• Pension plan
• Co-financed sport card - FitProfit
• Meals Subsidy in Office
• Budget for Home Office Setup & Maintenance
• Access to Company Game Room equipped with table tennis, soccer table, Sony PlayStation 5 and Xbox Series X consoles setup with premium game passes, and massage chairs
• Tailor-made support in relocation to Warsaw when needed

Please send your CV in English.

WORK LOCATION: WARSAW AL. JEROZOLIMSKIE 158