SecurityContentEngineer

Job Description **Who we are looking for** State Street seeks to recruit a Security Content Engineer that will create, test, enhance, and document threat detection capabilities to determine the presence of certain cyber activity. Join us in evolving our threat management capabilities to shape a pro-active intelligence driven fusion model to protect State Street, its customers and partners from the ever evolving and sophisticated global threat actors. Remote work options will be considered for the highly skilled candidates. **What you will be responsible for** As Security Content Engineer you will * Develop and implement new detection content for both cloud-based and on-prem systems while ensuring a high level of fidelity. * Determine the best method for achieving detection content objectives to ensure efficiency and avoid duplication. * Triage, prioritize, and take appropriate action to address requests for detection content corrections and/or ehancements. * Test and tune threat detection use cases within the Security Incident and Event Management (SIEM), Endpoint Detection and Response (EDR) and/or other security platforms. * Monitor and maintain SIEM look up tables and various other tables from becoming stale and dated. * Monitor established content metrics, identify opportunities to increase efficiency, fidelity, and/or possible retirement. * Validate and document content requirements, search criteria, test cases, and other development lifecycle aspects through use of appropriate documentation libraries and development tracking tools. * Document and maintain assets, scripts and processes to test SIEM/EDR rules for reuse. * Partner with other Fusion Center teams to align detection strategy with threat model and MITRE ATT&CK framework. * Partner with purple team, various security, risk, IT and business professionals to validate and document threat detection goals. * Provide guidance in alert creation among various security controls such as EDR, IDS, Cloud, email ga