OTP Bank

Detection Engineer

Budapest, HU · Full-time

About this role

OTP Bank is a leading banking group in Central-Eastern Europe. As one of Hungary's largest employers, we provide stable employment while shaping the future with innovative solutions built on our traditions. Join us as a Detection Engineer to shape how the bank's security monitoring works.

You will design and develop security detection logic and use cases, working closely with SOC analysts. You will structure, correlate, and prioritize events in the SIEM environment, and analyze False Positive and Benign True Positive cases so that the findings feed back into the detection logic. You will also integrate Threat Intelligence data into operations and put it to effective use.

Collaborate in a SOC-focused team environment where technology, knowledge, and human relationships matter. Develop automations and response processes using a SOAR-like approach. The role is worked during general office hours. Document detection capabilities and propose enhancements.

Gain stability and growth from Hungary's largest financial player with comprehensive training and career support. Enjoy competitive benefits, private health insurance, and employee discounts on mobile, loans, accounts, and vacations. Advance your professional development in an innovative setting.

Requirements

  • Knowledge of information security monitoring and incident management systems (SIEM and SOAR)
  • Logical thinking in the context of events, alerts, and incidents
  • Proficiency in writing structured queries and analyses (e.g., KQL or similar query languages, time-based correlations)
  • Knowledge of security logs in cloud and/or hybrid infrastructures (identity, endpoint, email, cloud workload events)
  • Automation mindset
  • Familiarity with the logging capabilities of various systems
  • Professional knowledge sufficient for independent work
  • 5 years of IT experience, including at least 2 years leading information security incident management, and intermediate English

Responsibilities

  • Get to know the bank's IT operations, infrastructure, security operations, and monitoring capabilities
  • Collaborate closely with SOC analyst colleagues
  • Design, develop, and fine-tune security detection logic and use cases
  • Structure, correlate, and prioritize events arriving in the SIEM environment
  • Analyze False Positive and Benign True Positive cases and provide feedback into detection logic
  • Design and develop automations and response processes using a SOAR-like approach
  • Integrate Threat Intelligence data and use it effectively
  • Document detection capabilities and propose improvements

Benefits

  • Work on correlation rules that are treated as strategic tools for improving security monitoring efficiency
  • Environment where technology, knowledge, and human relationships matter
  • Stability, security, and development opportunities from Hungary's largest financial player
  • Comprehensive training system, career paths, and professional development support
  • Competitive benefits and cafeteria package
  • Private health insurance, health fund, and voluntary pension support
  • Employee discounts on mobile phones, housing loans, bank accounts, and vacations