Senior Security Operations Engineer – Your mission is to build automated fortresses that defend our global cloud infrastructure and protect customers from emerging threats. You’ll design, implement, and maintain detection pipelines, automate response processes, and mentor the next generation of security talent.
What You’ll Actually Do
Chaos Wrangler – Orchestrate SIEM/SOAR tools like a digital Mozart, automating routine analyst tasks.
ThreatBuster – Proactively hunt for threats before they appear, predict attacks, and surface actionable insights.
Trap Setter – Build custom YARA and Sigma rules that detect adversaries early, eliminating reliance on generic antivirus.
Master the Multi‑Cloud – Guard AWS, GCP, and Azure environments, tightening posture across all cloud accounts.
Fortune Teller – Ingest threat intelligence, analyze adversary activity, and translate rumors into defense strategies.
The Elite Mentor – Lead junior analysts and engineers, setting standards and guiding on‑call rotations.
The Cross‑Functional Diplomat – Bridge IT, DevOps, and Privacy teams to close gaps and enhance resilience across the organization.
Total Autonomy – Identify and fix gaps, automate processes, and drive initiatives without micromanagement.
Required Qualifications
5+ years of experience in one or more of the following areas:
Security Data Pipeline Engineering
Detection Engineering
SIEM Engineering
Cyber Intelligence and Threat Hunting
Security Platform Engineering
Proficiency with EDR/XDR tools (CrowdStrike, SentinelOne, MS Defender) and Cloud Security Posture Management solutions (Wiz, Prisma Cloud, Orca), as well as Web Application Firewalls (Cloudflare, Akamai).
Experience building data ingestion pipelines using CI/CD methodologies.
Proven skill in building, testing, and tuning custom detection logic in query languages (KQL, SQL, SPL).
Familiarity with attack frameworks (MITRE ATT&CK) and mitigation strategies.
Strong analytical and problem‑solving abilities.
Excellent communication and teamwork skills.
Preferred Qualifications
Security certifications such as GXPN, GCIA, GCTI, GCDA, or similar.
Experience architecting stateful automation pipelines using Python, Go, and enterprise SOAR platforms.
Experience with Infrastructure as Code (IaC), including the ability to read and audit Terraform, Pulumi, or CloudFormation.
Experience securing and monitoring containers within cloud environments.