SOC - Detection Engineer

Job Description

DXC Technology helps global companies run their mission-critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability across public, private and hybrid clouds. The world's largest companies and public sector organizations trust DXC to deploy services to drive new levels of performance, competitiveness, and customer experience across their IT estates.

Role Summary

The Detection Engineer is responsible for developing and enhancing detection strategies within security monitoring platforms. This includes designing new detection rules, optimizing existing ones, and reducing false positives based on current threat intelligence. The role also involves supporting incident response efforts and collaborating with cross-functional teams to strengthen the organization's cybersecurity posture.

Key Responsibilities

• Threat Detection Design, implement, and fine-tune detection rules and models to identify suspicious activity and cyber threats
• Tool Management Configure and manage detection capabilities across various security tools to ensure effective threat identification
• Incident Response Support Provide actionable threat insights and detailed context to assist incident response teams during investigations
• Threat Intelligence Integration Leverage threat intelligence sources to inform and continuously enhance detection capabilities
• Collaboration Work closely with SOC analysts, threat hunters, and engineers to drive comprehensive security coverage
• Reporting & Documentation Maintain detailed documentation of detection use cases, tuning outcomes, and areas for improvement
• Continuous Learning Stay up to date on cybersecurity trends, emerging threats, and new detection methodologies
• Process Improvement Identify gaps in detection processes and recommend improvements aligned with industry best practices
• Training & Knowledge Sharing Mentor and train SOC personnel on detection engineering principles and tools
  
  

Key Tasks & Duties

• Develop and fine-tune detection rules tailored to customer environments
• Analyze security events to propose or refine detections for emerging threats
• Engage with clients during on-site investigations or escalated incidents
• Assess and communicate the business impact and risk of identified threats
  
  

Required Skills & Qualifications

• Strong analytical, logical reasoning, and systems thinking skills
• Proficient in technical writing for documentation, reports, and detection rule catalogs
• Solid understanding of threat-informed defense and threat modeling methodologies (e.g., STRIDE, PASTA, ATT&CK, CVSS, etc.)
• Experience with SIEM, EDR, and other monitoring tools
• Familiarity with MITRE ATT&CK framework and detection mapping techniques
  
  

Preferred Certifications (Nice To Have)

• SANS SEC530 (GMON) – Continuous Monitoring and Security Operations
• MAD20 – Detection Engineering
  
  

Learn more about DXC's Security team - Security

Instagram: https://www.instagram.com/dxctechnology

Youtube: https://www.youtube.com/DXCTechnology

TikTok: https://www.tiktok.com/@dxc_technology

Website http://www.dxc.com

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.