Lead Solutions Engineer, Automation

Lead Solutions Engineer, Automation

This job is available to work in one of our hub locations: Tampa, FL; Denver, CO; DC metro area, CA (Bay area), Austin, TX and will be hybrid

Reporting directly to the Director of Engineering, Core Platform, the Lead Solutions Automation Engineer will lead efforts to automate and optimize security operations and incident response. This role is ideal for a seasoned technology leader with deep expertise in security operations and engineering, ready to revolutionize security response strategies using hyperautomation technologies. You will drive the design of advanced solutions, shape key architectural decisions, and ensure our systems remain resilient against emerging threats. Additionally, you will collaborate with stakeholders across the business to drive the strategic direction of key initiatives

In this role, you’ll get to:

• Lead the design and implementation of automation workflows and security solutions that not only enhance operational efficiency and response capabilities but also align with the broader strategic goals of the organization. This involves balancing short-term wins with long-term value creation, ensuring that automation efforts are scalable and sustainable.
• Coordinate closely with experienced security analysts and engineers to identify automation opportunities that offer the highest return on investment. Prioritize these opportunities based on their potential impact, the resources required, and the alignment with overall security and business objectives.
• Champion the integration of hyperautomation across all facets of our security operations while carefully evaluating the trade-offs between speed, cost, and complexity to ensure our  automation strategy is flexible enough to adapt to evolving security threats and organizational needs.
• Engage with, mentor, and influence a diverse team of top-tier security professionals, fostering an environment of innovation, collaboration, and technical excellence.
• Develop and maintain integrations between Security Orchestration, Automation, and Response (SOAR)/hyperautomation platforms and various security tools, ensuring seamless operational continuity.
• Create and optimize complex scripts and playbooks in Python, Bash, or PowerShell to automate aspects of the incident response lifecycle.
• Diagnose and navigate the most complex security automation related challenges, setting standards for technical excellence and ensuring seamless collaboration with specialized teams such as CyberOps, EDR, Firewall, XDR, and VM.
• Lead the deployment and refinement of Security Automation solutions, maintaining their effectiveness and ensuring they adapt to the latest security threats and technologies.
• Produce detailed documentation and training materials to support the adoption and utilization of automated security solutions.
• Evaluate and optimize the performance of security automation implementations to ensure they deliver maximum efficiency and strategic value.

To be successful in this role, you’ll need to:

• Possess extensive experience and a deep understanding of security operations, incident response, and automation.
• Have considerable expertise in designing, implementing, and managing scalable and complex SOAR/hyperautomation solutions.
• Possess strong programming skills in Python, PowerShell, Bash, or Go, with a focus on security applications.
• Showcase profound expertise in cloud-native security, demonstrating the ability to design and implement robust security postures for cloud architectures, while understanding the unique challenges and opportunities they present.
• Demonstrate proficiency in integrating various security technologies like IDS/IPS, SIEM, EDR, and cloud security into SOAR/hyperautomation platforms.
• Have a solid grasp of threat modeling frameworks such as MITRE ATT&CK, Cyber Kill Chain and the Diamond Model.
• Champion threat intelligence analysis operations, workflows, and the strategic direction they should embrace.
• Be capable of automating and supporting threat intelligence analysis and operational workflows.
• Demonstrate excellent problem-solving abilities, capable of working both independently and as part of a collaborative team.
• Communicate effectively and  liaise with stakeholders across different functions.
• Experience with torq is strongly preferred.

ITAR Compliance

This position will have access to customer data and as such is subject to International Traffic in Arms Regulations (ITAR). Upon application, candidates will be asked to confirm that they are a U.S. Person as defined by the following:

• A citizen of the U.S.;
• A lawful permanent resident of the United States; 
• A person admitted to the United States as a refugee; or
• A person that has been granted asylum by the United States government.

The intent of this requirement is not to verify employment eligibility overall, but to ensure compliance with import/export regulations. If you do not meet these requirements, we encourage you to apply for other open roles at Deepwatch. This information will be verified upon offer of employment.

The salary range for this role is $160,000 to $240,000 + stock options + benefits. Actual compensation may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level.

#LI-KH1