(Senior) Security Engineer, Security Engineering & Threat Intelligence
Job Overview:
We are seeking an intermediate-level security engineer to join our Global Cybersecurity Services Team. In this role, you will play a crucial part in enhancing our security technology stack, developing AI-driven security automation workflows, and contributing to security operations and threat management within our modern cybersecurity operating model.
Responsibilities:
Participate in the detection and response engineering lifecycle by developing, analyzing, and tuning alerts for stakeholders to ensure accurate, high-quality detections. This involves deep dives into telemetry and alerts, log reviews, and root cause analysis using various tools.
Build, maintain, and enhance our Continuous Integration/Continuous Delivery (CI/CD) capabilities. Develop and improve Infrastructure as Code (IaC) templates or playbooks using tools like Ansible, Terraform, and CloudFormation, and utilize scripting and hyper-automation platforms for workflow automation.
Develop and maintain our security operations technology stack, including next-generation Security Information and Event Management (SIEM) and hyper-automation solutions. Manage security logging and detection engineering practices and integrate AI into workflows creatively.
Gather and analyze threat intelligence data from diverse sources and platforms, analyze threat actor capabilities, perform targeted attack analysis, and translate threat intelligence into actionable outputs. Collaborate with other security stakeholders during incidents.
Lead various security projects ranging from Endpoint Security enhancements to Attack Simulation and Threat Hunting. Additionally, provide leadership that involves mentoring team members and contributing to team growth.
Requirements:
5-7 years of hands-on technical experience in Information Security fields such as Security Engineering, Operations, Threat Intelligence, Digital Forensics, Incident Response, Endpoint, or Cloud Security.
Experience with security tools including SIEM, EPP/EDR/XDR, SOAR, Threat Intelligence Platforms (TIPs), and Open Source Threat Intelligence solutions.
Proficiency working in cloud environments such as AWS, Azure, and GCP, along with experience in Cyber Threat Intelligence roles.
Practical implementation experience with operational, tactical, and strategic threat intelligence and applying AI/ML in cybersecurity use cases.
Skilled in scripting languages for task automation and data manipulation.
Self-motivated, detail-oriented, and goal-driven with excellent verbal and written communication skills in English.
