Overview
On Site
$100 - $110
Contract - W2
Contract - 12 Month(s)
Skills
Incident Management
SIEM
Sprint
Python
Palo Alto
Migration
Microsoft Azure
Windows PowerShell
Cyber Security
Google Cloud Platform
Amazon Web Services
Scripting
Workflow
Vulnerability Management
Sentinel
Microsoft Sentinel
Splunk
Microsoft
Google Cloud
Security Operations
Job Details
Position: Security Automation and Detection Engineer
Position type: 12 months contract
Work Location: Austin, TX 78735
Client: Direct
Position type: 12 months contract
Work Location: Austin, TX 78735
Client: Direct
Note:
- There will be two rounds of interviews, both technically focused on the candidates skill set.
- Needs to be an experienced candidate (5-7 years).
Role Overview:
- Utilising knowledge of security operations, incident response, and detectionengineering, you will be responsible for the delivery of SIEM detections and security automations.
- The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell) and have experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools for data enrichment.
Responsibilities:
- Build security automations, logging, and SIEM detections to improve the CDO's efficiency, scalability, and incident response capabilities.
- Design, implement, and maintain automated workflows and playbooks tostreamline CDO operations, including incident response, threat hunting, cyberthreat intelligence and vulnerability management.
- Collaborate with CDO analysts to identify repetitive tasks and automate them toimprove operational efficiency.
- Collaborate with Threat Intelligence, Incident Response, and Attack SurfaceManagement to build and tune robust SIEM detections for both proactive andreactive response actions.
- Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements, as necessary.
- Collaborate with third-party vendors and service providers to leverage automation opportunities and ensure successful integrations.
- Lead technical migration of log sources into Microsoft Sentinel SIEM.
Required Skills and Experience:
- Demonstrated ability in cybersecurity, with at least 3 years in a technical role in security operations and/or security software development.
- Solid understanding of security operations, automations standard processes, detection engineering and SIEM management.
- Experience with cloud security tools and platforms (e.g. Azure, AWS Google Cloud) and their integration into SOC operations.
- Vendor-specific certifications for SOAR platforms (e.g., Sentinel SOAR, Splunk SOAR, Palo Alto Cortex XSOAR).
- Experience contributing to large-scale, sprint-based, security automation and detection engineering projects.
Nice To Have Skills and Experience:
- Ability to develop and implement long-term automation strategies aligned with security operation objectives.
- Ability to translate technical concepts into clear, actionable insights for technical and non-technical partners.
- Meticulous focus on ensuring accuracy, reliability, and security in automation workflows!
- Consistent record of implementing automation and integration solutions in a SOC or similar environment!
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.