Job Description
Who You Are
You’re a curious, detail-oriented problem solver who thrives on tackling complex challenges. You have hands-on experience working with Stellar Cyber XDR and understand how to navigate its queries, dashboards, and automations. You enjoy working with data, writing code, and building tools that make security operations smarter and more efficient. You’re comfortable navigating ambiguity, passionate about learning new things in the cybersecurity and AI domains, and excited to make a real impact on how WatchGuard MDR detects and responds to threats.
The Opportunity
The WatchGuard MDR Data Science and Security Engineering (DSSE) team is responsible for building and maintaining detections, and leveraging cutting-edge AI to improve SOC efficiency and efficacy. As a Security Engineer on the DSSE team, you’ll help in shaping and evolving our detection and response capabilities. You’ll own and enhance our use of the Stellar Cyber XDR, and work closely with our SOC team to improve alert quality, automate investigations, and uncover new detection opportunities. Your work will directly influence how quickly and effectively we identify and respond to threats across our environment.
Within 1 Month, You Will…
· Complete onboarding and gain familiarity with how we use Stellar.
· Shadow SOC analysts to understand current workflows and pain points.
· Begin contributing to small improvements in queries, dashboards, or documentation.
Within 3 Months, You Will…
· Own key components of Stellar: queries, automations, dashboards, and documentation.
· Handle SOC escalations, including tuning alert templates and making exclusions.
· Use tools like Kibana and SQL to investigate logs and detections.
· Collaborate with the team to identify and scope new detection opportunities.
Within 6 Months, You Will…
· Help in the development of new detection sets.
· Help bridge the gap between SOC runbooks and our Automated Investigation Engine (AIE).
· Contribute to detection and data documentation.
· Optionally, write Jupyter notebook modules to support automated analysis.
What You’ll Bring and Gain
In this role, you’ll take ownership of our Stellar components. You’ll help bridge the gap between our SOC analysts and data scientists, ensuring smooth collaboration and shared understanding. You’ll play a key role in helping the DSSE team to build out AI agentic workflows to enhance SOC efficiency and quality. You’ll learn how to build scalable detection logic, navigate large-scale log data, and deepen your cybersecurity expertise across multiple domains. Your work will improve the speed and accuracy of our threat detection, and drive smarter, more automated investigation workflows.
