We are looking for an intermediate level security engineer to join our Security Trust and Response Team. As part of our modern cybersecurity operating model, the role will be engaged in enhancing our security technology stack, building AI driven security detection and automation workflows and contributing to security operations and threat management.
We are building a modern, multi-cloud, intelligence driven security operations capability that will heavily involve AI and automation; and will require engineering and operational skills at all levels.
Responsibilities:
Detection & Response - Build, maintain and enhance infrastructure related to detection & response engineering lifecycle, telemetry and log pipelines, automation and AI. Support alert pipeline and detection use case development.
AI, Automation & DevOps
- Agentic Workflow Development
- Build, manage, and optimize agentic workflows for security engineering and detection engineering operations. Ensure fast, secure, and reliable delivery of code while maintaining a focus on quality and production readiness.
- CI/CD Development and Management:
- Build, manage, and optimize Continuous Integration and Continuous Deployment (CI/CD) pipelines to enhance development workflows. Ensure fast, secure, and reliable delivery of code while maintaining a focus on quality and production readiness.
- Infrastructure as Code (IaC):
- Develop, enhance, and maintain Infrastructure as Code (IaC) templates or playbooks using tools such as Ansible, Terraform, CloudFormation, or equivalent.
- Collaborate with teams to standardize infrastructure provisioning and deployment across cloud and on-premise environments.
- Automation & Workflow Orchestration:
- Design and implement automated solutions and workflows using scripting languages (e.g., Python, Bash, PowerShell) or hyperautomation platforms.
- Leverage automation to orchestrate repetitive tasks, streamline operational processes, and improve system efficiency.
- DevOps Best Practices:
- Integrate DevOps principles into development lifecycles, promoting practices around collaboration, monitoring, and agile delivery.
- Continuously evaluate new tools and technologies to enhance the automation and DevOps toolkit.
- Security Engineering - Build, maintain and enhance our security operations technology stack, which includes cloud native solutions, cloud-based infrastructure and applications, next generation SIEMs and hyper automation solutions. Build and enhance security logging and detection engineering practices, and incorporate DevOps best practices into Security Engineering. Relentlessly automate and creatively incorporate AI into workflows. Experience in Agentic AI systems will be ideal.
- Security Projects - Lead projects and initiatives that may involve - Endpoint Security enhancements, Attack Simulation, Use Case Validation, Threat Hunting, Compromise Assessments, Network/Endpoint security reviews, etc.
- Leadership - Be comfortable with cross-functional leadership and stakeholder management. Be willing to mentor and contribute to the growth and capability of the team.
Requirements:
- 5-7 years of experience in Information Security, with technical hands-on experience in Security Engineering, Security Operations, Cyber Threat Intelligence, or Cloud Security.
- Proven experience with CI/CD tools (e.g. Spacelift, GitHub Actions).
- Proficiency with IaC tools like Terraform, Ansible, or CloudFormation.
- Strong scripting skills (e.g., Python, Bash, PowerShell) or familiarity with automation/orchestration platforms.
- Working Experience with SIEM, EPP/EDR/XDR, SOAR, Threat Intelligence Platforms (TIPs).
- Working experience with Cloud environments like AWS, Azure and GCP.
- Working experience in the practical implementation of operational, tactical and strategic threat intelligence.
- Experience in applying AI/ML in cybersecurity use cases.
- Highly self-motivated, attention to detail and outcome driven.
- Highly collaborative team player.
- Proficiency in verbal and written English.
