Role: Cybersecurity Consultant with Python
Location: San Antonio, TX (Onsite)
Contract
Competencies: Digital: Python, Cyber Threat Intelligence
Experience (Years): 6-8
Essential Skills:
Primary Skill
· Python, Control-M
Secondary Skill
· Angular
· TypeScript
· Docker
· Kubernetes and CI/CD tools
Role Description:
· Designing, building, and maintaining systems to detect threats, which involves writing detection rules.
· Analysing security logs, researching threats, and refining detection logic.
· Integrating telemetry from various sources, mapping detections to frameworks like MITRE ATT&CK, and implementing automated pipelines for continuous improvement.
· Create and fine-tune detection rules, logic, and models for security tools like SIEMs, EDRs, and cloud-native platforms.
· Investigate alerts, analyze security logs, and process raw data to identify malicious activity and reduce false positives.
· Implement detection-as-code principles, using version control and CI/CD pipelines to automate testing and deployment.
· Work with threat hunters, security operations, and other engineering teams to mature the organization's detection capabilities.
· Maintain a library of detection rules and playbooks to ensure consistency and efficiency.