Security Automation & Operations Engineer, Global SOC

Minimum Qualifications

• Hands-on experience in a cybersecurity engineering or security automation role, with demonstrated ability to write and ship production code.
• Proficient in Python (preferred), Bash, or Ansible for building automation and tool integrations.
• Familiarity with security engineering tasks such as log parsing, detection rule development, and alert correlation using code-based approaches.
• Strong understanding of enterprise security tools and operational best practices (e.g., SIEM, EDR, CASB, vulnerability management).
• Experience working in environments with CI/CD pipelines, containers, and infrastructure-as-code.

Preferred Qualifications

• Bachelor's degree in Computer Science, Cybersecurity, Software Engineering, or a related STEM field.
• Hands-on experience with SOAR platforms (e.g., Cortex XSOAR, Splunk SOAR) and building custom playbooks or integrations via APIs.
• Experience building security automations using APIs, webhooks, and event-driven architectures.
• Exposure to AI/ML concepts applied to security operations (e.g., threat classification, anomaly detection, behavioral modeling).
• Strong problem-solving skills and a software engineering mindset applied to security challenges.
• Experience with cloud-native security tooling (e.g., AWS Security Hub, Azure Sentinel) and scripting for cloud environments.
• Knowledge of securing distributed data systems (e.g., Hadoop, Redshift, BigQuery, Azure Synapse).
• Relevant certifications (e.g., OSCP, CISSP, GIAC, AWS/GCP cloud certs) are a plus.