Security Developer

Zyoin Group

2 - 5 years

Bengaluru

Posted: 23/12/2025

Job Description

Experience:

3+ years

Location: Bengaluru

About the Role

We are seeking a Detection Developer to design, develop, and optimize high-quality security detections across endpoint, SIEM, and cloud environments. This role requires strong hands-on experience with detection logic, threat analysis, and behavioral detection techniques, along with a solid understanding of the modern threat landscape.

Key Responsibilities

  • Develop, test, and maintain security detections using Python, YAML, or proprietary detection languages
  • Create and optimize detections across SIEM, EDR, and security telemetry sources
  • Design anomaly-based and behavioral-based detections aligned to real-world attack techniques
  • Analyze and tune detections using OS-specific telemetry, including:
      • Windows Security & Sysmon logs
      • Linux and macOS logs
  • Monitor and detect malicious activity related to:
      • Windows PowerShell execution
      • Cloud logs, email threats, OAuth abuse, and identity-based attacks
  • Continuously tune and optimize detections to reduce false positives and improve fidelity
  • Stay current with the evolving threat landscape and emerging attack techniques
  • Use knowledge of penetration testing tools and adversary tradecraft to inform detection development

Required Skills & Experience

  • 3+ years of professional experience as a Detection Developer / Detection Engineer
  • Hands-on experience developing detections using Python, YAML, or a custom detection language
  • Strong understanding of endpoint and OS-level telemetry (Windows, Linux, macOS)
  • Experience with SIEM detection development
  • Experience creating EDR detections and signatures
  • Solid understanding of attacker techniques and security telemetry
  • Experience tuning and optimizing detections for accuracy and performance

Nice to Have / Preferred Qualifications

  • Experience with IDS/IPS/NSM technologies such as Zeek (Bro), Suricata, or similar tools
  • Familiarity with penetration testing tools and offensive security techniques
  • Professional security or cloud certifications such as:
      • CISSP, GNFA, GCFA, GCFE, GREM (or equivalent)

Technologies & Domains

  • SIEM & EDR platforms
  • Windows Security & Sysmon logs
  • PowerShell monitoring
  • Cloud, email, OAuth, and identity security
  • Anomaly & behavioral detection engineering
  • IDS / IPS / NSM tools
