Role Description
**Description**
* Detection-as-Code: You will implement an automated pipeline leveraging GitLab, Splunk, Sentinel, and Sigma to streamline the creation, validation, and deployment of detection rules.
* Rule Linter: Develop a custom linter to ensure detection rules follow the correct rule format and adhere to best practices.
* Basic Detection Rules: Create and maintain a library of standard detection rules for common threats, enabling faster and more consistent threat detection across environments.
**Objectives**
* Automate Detection Rule Deployment: Design and configure a pipeline that automatically validates, packages, and deploys Sigma-based detection rules to Splunk and Sentinel.
* Ensure Rule Quality: Develop a linter that checks syntax, formatting, and potential rule conflicts, promoting reliability and consistency of detection rules.
* Enhance Security Posture: Provide a solid baseline of detection rules to mitigate common threats, and document best practices to facilitate knowledge sharing within the team.
**Our offer**
* A dynamic and collaborative work environment with a highly motivated, multicultural team spread across international sites
* The chance to make a difference in people's lives by building innovative solutions
* Various internal coding events (Hackathons, Brownbags); see our technical blog
* Monthly After-Works organized per location
**Skills required**
* Final-year student (Master’s level) in Computer Science, Software Engineering, Cybersecurity, or a related field.
* Practical knowledge of GitLab (CI/CD pipelines) and experience with log management or SIEM solutions (Splunk, Sentinel, etc.).
* Familiarity with Sigma rules or similar threat detection frameworks.
* Proficiency in scripting (e.g., Shell, Python) and version control (Git).
* Strong problem-solving skills, autonomy, and a willingness to learn in a fast-paced environment.