Detection Engineer Mac/Linux

Context

We are looking for a Detection Engineer specializing in Mac and Linux environments to actively contribute to protecting our organization and stakeholders against cyber threats. You will play a crucial role within our Security Operations Centre (SOC), where security events are collected, analyzed, and translated into concrete actions. This position focuses on designing and improving detection use cases on Mac and Linux platforms, working primarily with SIEM tools such as Splunk.

Missions

• Design, build, and maintain detection use cases for macOS and Linux platforms
• Analyze security logs (e.g., syslog, audit logs, EDR telemetry) and translate them into actionable detections
• Improve and fine-tune existing use cases to reduce false positives and increase detection quality
• Collaborate with SOC analysts to align detections with real-world threats
• Contribute to expanding logging and monitoring coverage on Mac and Linux systems
• Use frameworks such as MITRE ATT&CK to build detections in a structured way
• Work with Splunk (training will be provided)

Tools & Environment

• Apple MAC and Apple OS X
• Linux
• Shell scripting
• SIEM (Security Information and Event Management)
• Splunk (training provided)
• Agile methodologies (nice to have)
• ICT knowledge (nice to have)

Working Conditions

• Role within a SOC team focused on cyber security
• Supportive team environment with knowledge sharing and mentorship
• Training opportunities in Splunk and detection engineering
• Opportunity for growth in the cyber security field
• Impactful role in a rapidly evolving and socially relevant sector

Key Skills & Attributes

• Cyber risk management
• Software Development Life Cycle (SDLC) understanding
• Strong analytical mind and conceptual thinking
• Clear, structured, and convincing communication
• Collaborative team player
• Eager to learn and quickly absorb new information
• Efficient and strong in prioritizing tasks
• Flexible mindset and open to challenges
• High standards with a focus on continuous improvement
• Independent and self-reliant
• Quality-driven and punctual
• Security-driven mindset

1. Strong communication skills: ability to translate technical detections into clear insights for colleagues and stakeholders
2. A true team player who enjoys working within a SOC environment and supporting other colleagues
3. Experience in cyber security or threat detection, or a strong background in macOS/Linux as a systems engineer
4. Analytical thinking, a critical eye and a structured approach to work
5. Knowledge of shell scripting and regex is a plus