Sr Security Engineer

What you'll do

• Automation of Security Processes:


• Develop, implement, and manage automated workflows for incident detection, investigation, and remediation.
• Automate routine security tasks such as log analysis, vulnerability scanning, and patch management.
• Integrate security tools (SIEM, SOAR, endpoint protection, threat intelligence platforms) to create seamless, automated workflows.
 
Incident Response Automation:
• Work with the Incident Response team to identify opportunities for automation in response procedures.
• Develop automated playbooks for various incident types (e.g., phishing, malware, DDoS attacks) to reduce response time and human error.
• Implement automated alert triage systems to prioritize and categorize security incidents based on severity.
 
Threat Intelligence Integration:
• Automate the ingestion and processing of threat intelligence feeds (e.g., IOCs, TTPs) into security monitoring systems.
• Enhance threat detection capabilities by integrating real-time threat intelligence into automated workflows.
 
Continuous Improvement:
• Continuously evaluate and improve automated security processes for efficiency, effectiveness, and scalability.
• Identify gaps in automation and develop new solutions to improve response times and security coverage.
• Monitor automation processes and tools to ensure they operate effectively and without interruption.
 
Collaboration & Communication:
• Work closely with the SOC team to ensure automation initiatives align with the organization’s security policies and standards.
• Collaborate with IT, DevOps, and Engineering teams to ensure automated security solutions are integrated across the infrastructure.
• Provide documentation and training to security teams on new automated processes and tools.


Security Monitoring and Reporting:
• Develop dashboards and reports to track the performance of automated security processes and identify areas for improvement.
• Ensure that key security metrics (e.g., mean time to detect, mean time to respond) are optimized via automation.


Security Tool Management:
•  Manage and maintain automation tools, ensuring they are up to date and optimized for maximum performance.
• Evaluate and implement new security automation tools and technologies as appropriate.

What you'll bring:

• Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent work experience).
• Minimum of 5-10 years of experience in a Security Operations role (SOC, Incident Response, or Threat Intelligence).
• Proven experience with security automation tools, SIEM platforms (e.g., MS Sentinel).
• Experience with scripting languages (Python, PowerShell, Bash) and automation frameworks (e.g., Ansible, Terraform, or similar).
• Hands-on experience with security technologies such as IDS/IPS, endpoint protection, firewalls, and vulnerability management tools.


Technical Skills:
• Expertise in implementing and managing security automation processes and systems.
• Familiarity with cloud environments (AWS, Azure, GCP) and cloud-native security tools.
• Experience in building and maintaining automated incident response playbooks.
• Proficiency in security monitoring tools such as SIEM, EDR, NDR, and IDS/IPS.
 
Soft Skills:
• Strong problem-solving and analytical skills.
• Excellent communication skills and ability to collaborate with cross-functional teams.
• Ability to prioritize tasks, manage time effectively, and work under pressure.
• Strong attention to detail and commitment to continuous learning.


Desirable:
• Certifications such as CISSP, CEH, CISM, or similar are highly desirable.
• Familiarity with DevSecOps practices and CI/CD pipeline security.
• Experience with threat hunting and proactive security measures.