
Cyber Security Engineer (Detection Content Engineer) (Warszawa, Mazowieckie, PL)

Warszawa, Masovian Voivodeship, Poland (Hybrid) | Full-time | 20h ago

At Bayer we’re visionaries, driven to solve the world’s toughest challenges and striving for a world where ‘Health for all, Hunger for none’ is no longer a dream, but a real possibility. We’re doing it with energy, curiosity and sheer dedication, always learning from unique perspectives of those around us, expanding our thinking, growing our capabilities and redefining ‘impossible’. There are so many reasons to join us. If you’re hungry to build a varied and meaningful career in a community of brilliant and diverse minds to make a real difference, there’s only one choice.

Cyber Security Engineer (Detection Content Engineer) 

For Digital Hub Warsaw, we are looking for:

Detection Content Engineer (SIEM – Sentinel)

We are seeking a skilled and motivated Detection Content Engineer to join our Security Operations team. The ideal candidate will be responsible for developing, implementing, and maintaining detection content for our Security Information and Event Management (SIEM) system, specifically Microsoft Sentinel. This role is critical in enhancing our security posture by identifying and mitigating potential threats through effective detection strategies. Additionally, the Detection Content Engineer will support hygiene topics by collaborating with system owners to review and adjust security policies as needed.

Key Tasks & Responsibilities:

  • Detection Content Development:

Design, develop, and implement detection rules, alerts, and analytics within Microsoft Sentinel to identify anomalous behavior and potential security incidents.

Collaborate with threat intelligence teams to incorporate the latest threat indicators and tactics into detection content.

Conduct regular reviews and tuning of detection rules to minimize false positives and ensure high accuracy in alerting.

Analyze historical incident data to identify gaps in detection and recommend improvements.

  • Policy Hygiene Support:

Identify and review existing security policies related to detection and incident response.

Collaborate with providers and system owners to adjust policies as necessary to enhance security hygiene and ensure alignment with best practices.

Ensure that all detection content complies with organizational policies and regulatory requirements.

  • Incident Response Support:

Work closely with the Security Operations Center (SOC) team to understand incident response workflows and ensure detection content aligns with operational needs.

Provide expertise and support during security incidents to refine and improve detection capabilities.

  • Documentation and Reporting:

Create and maintain comprehensive documentation for all detection rules, including purpose, logic, and operational procedures.

Generate reports on detection efficacy and provide insights on trends and emerging threats.

  • Collaboration and Training:

Collaborate with cross-functional teams to ensure alignment on security objectives and strategies.

Provide training and guidance to SOC analysts on detection content and best practices.

Qualifications & Competencies (education, skills, experience):

  • Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent work experience.
  • 4+ years of experience in cybersecurity, with a focus on detection engineering or incident response.
  • Hands-on experience with Microsoft Sentinel or similar SIEM platforms.
  • Proficiency in developing Kusto Query Language (KQL) queries for data analysis and alert creation in Sentinel.
  • Strong understanding of security concepts, threat detection methodologies, and incident response processes.
  • Relevant certifications (e.g., CISSP, GCIH) are a plus.
  • Strong analytical and problem-solving skills with attention to detail.
  • Excellent communication skills, both written and verbal.
  • Ability to work independently and collaboratively in a fast-paced environment.
  • A proactive mindset with a passion for continuous learning and improvement in cybersecurity practices.

What we offer:

  • A flexible, remote-hybrid work model 
  • Great workplace in a new modern office in Warsaw
  • Career development, 360° Feedback & Mentoring programme
  • Wide access to professional development tools, trainings, & conferences
  • Company Bonus & Reward Structure 
  • VIP Medical Care Package (including Dental & Mental health)
  • Holiday allowance (“Wczasy pod gruszą”)
  • Life & Travel Insurance
  • Pension plan
  • Co-financed sport card - FitProfit
  • Meals Subsidy in Office 
  • Budget for Home Office Setup & Maintenance
  • Access to Company Game Room equipped with table tennis, soccer table, Sony PlayStation 5 and Xbox Series X consoles setup with premium game passes, and massage chairs
  • Tailor-made support in relocation to Warsaw when needed

Please send your CV in English.

WORK LOCATION: WARSAW AL. JEROZOLIMSKIE 158

YOUR APPLICATION

Bayer welcomes applications from all individuals, regardless of race, national origin, gender, age, physical characteristics, social origin, disability, union membership, religion, family status, pregnancy, sexual orientation, gender identity, gender expression or any unlawful criterion under applicable law. We are committed to treating all applicants fairly and avoiding discrimination.

Bayer is committed to providing access and reasonable accommodations in its application process for individuals with disabilities and encourages applicants with disabilities to request any needed accommodation(s) using the contact information below. 

Bayer offers the possibility of working in a hybrid model. We know how important work-life balance is, so our employees can work from home, from the office or combine both work environments. The options for using the hybrid model are discussed with the manager in each case.
Bayer respects and applies the Whistleblower Act in Poland.

Location: Poland : Mazowieckie : Warszawa

Division: CSF

Reference Code: 869385