Sr. Cyber Security Engineer I – Sr Detection Engineer

Work Model/Location: Hybrid, Framingham, MA

Staples is business to business. You’re what binds us together.

Our digital solutions team is more than a traditional IT organization. We are a team of passionate, collaborative, agile, inventive, customer-centric, results-oriented problem solvers. We are intellectually curious, love advancements in technology and seek to adapt technologies to drive Staples forward. We anticipate the needs of our customers and business partners and deliver reliable, customer-centric technology services. We're seeking a seasoned Senior Detection Engineer with a strong Microsoft Sentinel background to join our threat detection and response efforts. You'll leverage your deep expertise in Microsoft technologies and multi-cloud environments to build, deploy, and fine-tune advanced detection rules within Sentinel. Your keen understanding of security operations will ensure seamless integration and efficient response to security incidents.

What you’ll be doing:

• Develop and Deploy Detection Use cases using numerous data sets and security products including but not limited to External Threat Intelligence to identify adversary TTPs in the environment. 
• Design, implement, and maintain complex detection rules, analytics, and automation playbooks within Microsoft Sentinel.
• Document, Track analysis and metrics around Detection Lifecycle and Revisions
• Participate in investigation, response, and root cause analysis for major incidents.
• Proactively identify and investigate potential threats using Sentinel's powerful hunting capabilities.
• Tuning and optimization of Azure Sentinel Baseline and Analytical Detection Rules.
• Partner closely with SOC, Advance Threats and other internal Stakeholders to evolving the current Detection Footprint and Efficacy. 
• Interacts with internal and external peers and management to share highly complex information related to areas of expertise and/or to gain acceptance of new or enhanced technology / business solutions.
• Join us in shaping the future of threat detection and response

What you bring to the table:

• Demonstrates proficiency in all areas of the professional function and advanced in-depth specialization in some.
• Leverage your knowledge of the Microsoft ecosystem to maximize Sentinel's integration with other security tools and data sources.
• Extensive experience building, deploying, and managing detection rules and analytics within Microsoft Sentinel.
• Demonstrate ability to design and implement complex security solutions in large-scale environments.
• Strong communication skills with proficiency in presenting technical information to non-technical stakeholders.
• Leverage your knowledge of the Microsoft ecosystem to maximize Sentinel's integration with other security tools and data sources.
• Excellent problem-solving skills and the ability to work in a dynamic, fast-paced environment.

What’s needed- Basic Qualifications:

• Bachelor’s degree in Computer Science, Computer Engineering, or a related field, or equivalent experience.
• 5+ years of experience in Detection Engineering, incident response or related field
• Experience and/or Familiarity with Threat Hunting Process and developing Runbooks
• Experience analyzing common security logs (e.g., Authentication, DNS, Endpoint, Network, Proxy, Cloud Native etc) to detect security incidents
• Minimum of 3 years focused on Microsoft Sentinel including but not limited to other Microsoft suite of Applications like Entra, Purview and/or Defender, Log Analytics.
• Proficient in creating and managing KQL queries and understanding of Azure services related to security and compliance.
• Relevant certifications such as Microsoft Certified: Azure Security Engineer Associate, Certified Information Systems Security Professional (CISSP), or similar etc.

What’s needed- Preferred Qualifications:

• Strong ability to learn new things and adapt to new requirements
• Demonstrated knowledge of common/emerging attack techniques
• Extensive experience building, deploying, and managing detection rules and analytics within Microsoft Sentinel.
• Experience with scripting languages (Python, PowerShell) for automation and orchestration. Familiarity with Python, PowerShell or similar development experience is preferred.
• Experience securing multi-cloud environment (Azure, AWS, GCP) by implementing and managing cloud-native security controls and integrating them with Sentinel.
• Familiarity and/or Experience with purple teaming
• Deep understanding of system internals on Windows and Linux
• Demonstrated knowledge of tactics, techniques, and procedures (TTPs) as developed and outlined by the MITRE ATT&CK framework.

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

We Offer:

• Inclusive culture with associate-led Business Resource Groups
• Flexible PTO (22 days) and Holiday Schedule
• Online and Retail Discounts, Company Match 401(k), Physical and Mental Health Wellness programs, and more

Chez Staples, « inclusion » est un mot d'action. Il représente ce que nous faisons pour garantir que tous les employés se sentent valorisés et soutenus afin de contribuer à leur plein potentiel. Lorsque nous opérons de manière inclusive, la diversité suit naturellement. C'est pourquoi nous travaillons dur pour favoriser une culture inclusive, car nous recherchons des employés ayant des perspectives uniques et variées et des domaines d'expertise divers. Le résultat est un meilleur environnement de travail et une réflexion innovante qui nous aide à dépasser les attentes de nos clients – grâce à la force des personnes derrière notre marque emblématique.

Staples est un employeur garantissant l'égalité des chances. Tous les candidats qualifiés seront pris en considération pour un emploi sans distinction de race, couleur, religion, âge, sexe, orientation sexuelle, identité de genre, origine nationale, statut de vétéran protégé, handicap ou toute autre base protégée par la loi fédérale, étatique ou locale.