Associate Principal Engineer, Detection & Response job opportunity at Unisys.



Unisys Associate Principal Engineer, Detection & Response
Experience: General
Pattern: full-time
Team: Detection & Response
Degree: Associate
Location: Home Based, Hungary

What success looks like in this role:

Develop and Implement Custom Detections:
- Design, develop, and maintain high-fidelity detection rules, signatures, and analytics for a diverse array of enterprise security tools, including Security Information and Event Management (SIEM) systems, Endpoint Detection and Response (EDR) platforms, and Intrusion Detection Systems (IDS), with the objective of identifying both known and emerging threats effectively.
- Translate complex threat intelligence, sophisticated attack methodologies (e.g., leveraging the MITRE ATT&CK Framework), and vulnerability insights into precise, actionable, and automated detection logic.
- Continuously tune and optimize existing detection mechanisms to significantly reduce false positives, enhance alert fidelity, and ensure a high signal-to-noise ratio, thereby minimizing alert fatigue for security analysts.

Perform Tier 3 Security Investigations and Proactive Threat Hunting:
- Lead and conduct advanced, complex security investigations (Tier 3) escalated from lower tiers, encompassing root cause analysis, malware and indicator analysis, and recommending robust corrective measures to prevent future incidents.
- Proactively conduct threat hunting activities across network, endpoint, and cloud environments to identify novel or hidden threats, subtle anomalies, and security gaps that may evade existing detection controls.
- Collaborate closely with Incident Response (IR) teams to ensure effective communication, facilitate rapid response to detected threats, and integrate lessons learned into the development of new or refined detection capabilities.

Manage and Optimize MSSP Tier 1 & Tier 2 Operations:
- Serve as the primary technical liaison for Managed Security Service Provider (MSSP) partners, providing expert guidance and strategic oversight for their Tier 1 and Tier 2 security monitoring and operational activities.
- Ensure MSSP adherence to organizational security policies, detection standards, and incident escalation procedures, thereby contributing to the overall security posture.
- Collaborate with MSSP teams on detection rule deployment, tuning, and validation, leveraging continuous feedback loops to enhance overall detection efficacy and reduce alert fatigue experienced by their analysts.
- Review MSSP-generated alerts and reports, providing constructive feedback and precise technical direction for continuous improvement in their detection and response capabilities.

Security Automation and Tooling:
- Develop and maintain automation scripts and tools (e.g., Python, PowerShell, Bash) to streamline security detection operations, facilitate efficient data parsing, integrate disparate security tools, and enhance response capabilities.
- Build, design, run, and troubleshoot playbooks within a Security Orchestration, Automation, and Response (SOAR) solution to automate incident response processes and significantly improve operational efficiency.

Documentation and Continuous Improvement:
- Maintain comprehensive and up-to-date documentation of detection logic, configurations, incident response procedures, and investigation findings for robust knowledge sharing and auditing purposes.
- Stay abreast of the latest security threats, vulnerabilities, attack vectors, industry trends, and emerging security technologies to proactively enhance detection measures and fortify digital boundaries.

You will be successful in this role if you have:

Technical Proficiency:
- In-depth understanding and practical experience with Security Information and Event Management (SIEM) systems (e.g., Splunk, Google SecOps) for log analysis, sophisticated rule creation, and dashboard development.
- Strong knowledge of Endpoint Detection and Response (EDR) and Intrusion Detection/Prevention Systems (IDS/IPS).
- Proficiency in scripting languages (e.g., Python, PowerShell, Bash) for automation, data manipulation, and custom tool development.
- Solid understanding of network security, protocols, and traffic analysis.
- Familiarity with threat intelligence platforms and frameworks (e.g., MITRE ATT&CK) to inform detection strategy and rule development.

Analytical and Problem-Solving Skills:
- Exceptional analytical skills to analyze large, complex datasets and identify subtle anomalies, patterns, and indicators of malicious activity.
- Demonstrated ability to think critically, troubleshoot complex problems, and make sound decisions under pressure, particularly during incident investigations.

Collaboration and Communication:
- Strong verbal and written communication skills for reporting findings, documenting procedures, and collaborating effectively with cross-functional teams and external partners.

Requirements:
- Active US Security Clearance or eligibility for clearance reinstatement is required.

What do we offer?
- Hybrid working is supported.
- Monthly gross 44.200 HUF cafeteria, regardless of your weekly working hours.
- Home office allowance.
- Private Health Insurance: Generali Premium Package provided for all Unisys associates after 6 months' tenure.
- Last but not least, a great team, along with many learning and training opportunities.

Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law. This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers.

If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at GlobalRecruiting@unisys.com or alternatively Toll Free: 888-560-1782 (Prompt 4). US job seekers can find more information about Unisys' EEO commitment here.
