Blue Team Engineer

Are you passionate about technology and enjoy explaining complex solutions in a way that everybody gets excited? If so, read on!

About Picus

Picus Security, the leading security validation company, gives organizations a clear picture of their cyber risk based on business context. Picus transforms security practices by correlating, prioritizing, and validating exposures across siloed findings so teams can focus on critical gaps and high-impact fixes. With Picus, security teams can quickly take action with one-click mitigations to stop more threats with less effort.

The Picus Security Validation Platform easily reaches across on-prem environments, hybrid clouds and endpoints coupled with Numi AI to provide exposure validation. 

The pioneer of Breach and Attack Simulation, Picus delivers award-winning threat-centric technology that allows teams to pinpoint fixes worth pursuing, offering a 95% recommendation in Gartner Peer Review.

About The Role

Picus Labs is a place for Cyber Security Innovation— In Picus Labs, we elevate offensive and defensive cyber security technologies.

We're looking to grow our team to support the high growth and global expansion plans of Picus with developing new technologies. With this role, you'll get a chance to work for innovation. You will be constantly challenged and you will get to develop your knowledge and skills in cyber security technologies.

This is an amazing opportunity where you get to research for a fast-growing cyber security startup. As a Blue Team Engineer in Picus Labs, you will manage internal SOC processes, analyze new adversarial techniques and attacks developed by Picus Labs Red Team and develop threat detection & hunting scenarios. You will research new threat detection & hunting methodologies and technologies, onboard and iterate.

What You'll Do

• Analyze, understand, and leverage public research on emerging cyber threats, detection methods and tools
• Research and apply Continuous Threat Exposure Management (CTEM) methodologies by conducting thorough studies on best practices, then implement and continuously refine them to proactively identify, expose, and mitigate vulnerabilities in response to evolving threats
• Research and develop hardening methodologies for cybersecurity defenses by analyzing best practices and frameworks
• Deploy, configure, and manage endpoint security technologies, including XDR, EDR, SIEM, EPP solutions, to evaluate their response to Picus Attack Scenarios
• Design and develop both open-source and vendor-based threat detection scenarios
• Utilize AI and data analysis techniques to create innovative cybersecurity solutions that enhance threat detection and response capabilities
• Optimize detection rules to improve the accuracy and efficiency of threat detection, reducing false positives while enhancing the ability to identify cyber threats
• Develop and maintain tools to support the Detection Development Life Cycle
• Conduct research on new threat hunting methodologies, tools, and technologies to stay ahead of evolving threats
• Onboard, configure, and maintain detection and hunting products (e.g., SIEM, EDR) to enhance security operations
• Optimize internal SOC technologies and processes to improve threat detection and response capabilities
• Utilize threat intelligence services and malware sandboxes to effectively hunt for and analyze emerging malware threats
• Collaborate with Picus Labs Red Team for purple teaming exercises to improve defenses
• Partner with engineering teams to contribute to the development and refinement of new product features

What You Have

• Hands-on experience in hunting current adversarial techniques
• Experience with security monitoring, incident detection, and response in enterprise environments
• Proficiency in scripting languages (e.g., Python, Bash) for automating tasks and improving processes
• Strong threat detection and hunting knowledge
• Strong SIGMA and YARA rule development knowledge
• Hands-on experience in administering and using network security, SIEM and EDR technologies
• Knowledge of Mitre ATT&CK framework and threat intelligence services
• Community contribution to defensive knowledge will be a plus. (Open source projects, etc.)
• A proactive mindset with a continuous learning attitude towards new security technologies and threats
• Excellent communication skills to effectively interact with technical and non-technical teams
• Proficiency in written English

Working at Picus

Fascinating work - a chance to shape and lead an exciting, fast-growing cyber security segment. Security Validation is a concept that helps organizations evaluate their security posture in a continuous, automated, and repeatable way. This approach allows for the identification of imminent threats, provides recommended actions, and produces valuable metrics about cyber-risk levels.

Unlimited opportunity! We are growing. At Picus, you'll be provided with as much responsibility as you can handle - new career development opportunities constantly arise given our rate of growth.

Global exposure - Get a lot of experience working not only in a fast-growing startup but also interact with customers all around the world.

Be part of a global remote team who is taking on Exposure Validation and a growing market segment.

We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to age, sex, race, color, national origin, religious belief, gender or gender reassignment, sexual orientation, marriage or civil partnership, pregnancy and maternity, disability, protected veteran status, or any other characteristic protected by International law. Upon conditional offer of employment, candidates are required to complete reference and identity checks in line with local labor laws and as per the Company’s employment policy.