Lead Software Engineer
Requisition #: CREQ230524
Design, build, and maintain automation frameworks and integrations that enhance security operations, threat intelligence, and detection engineering efforts

Collaborate with security teams to develop and optimize security workflows, automation playbooks, and integrations between security tools, SIEMs, SOAR platforms, EDR, XDR, and case management systems

Engineer and maintain cloud-native security solutions in AWS, Azure, and other cloud environments, ensuring security compliance and scalability

Develop and implement Infrastructure as Code (IaC) solutions using Terraform, Ansible, or similar technologies to deploy and manage security tooling

Work closely with the software engineering and DevOps teams to embed security into CI/CD pipelines, ensuring secure code deployment and automated security testing

Support log aggregation, enrichment, and correlation across multiple data sources to enhance threat detection and response capabilities

Implement and maintain API-driven integrations between security platforms, automation tools, and threat intelligence feeds

Optimize security telemetry ingestion, correlation, and alerting workflows to improve security detection and response effectiveness

Lead engineering efforts for security tooling, ensuring alignment with overall security architecture and operational requirements

Conduct security assessments of automation tools and integrations, identifying gaps and implementing security enhancements

Partner with the security and operations teams to build and refine detection logic, response automation, and platform tuning for SOC efficiency

Qualifications and Experience

5+ years of experience in SecDevOps, Security Automation, or a related engineering role
Strong hands-on experience with security automation platforms (e.g., Torq, Phantom, Cortex XSOAR, or similar SOAR solutions)
Expertise in scripting and automation using Python, PowerShell, Bash, or Go
Experience working with SIEMs (Splunk, Stellar Cyber, Sentinel, etc.) and designing log aggregation, correlation, and alerting workflows
Proficiency in cloud security engineering for AWS, Azure, or GCP, including deployment of security controls and monitoring solutions
Experience with Infrastructure as Code (IaC) tools like Terraform, Ansible, or CloudFormation
Strong understanding of DevOps principles and experience securing CI/CD pipelines with tools such as GitHub Actions, GitLab CI/CD, Jenkins, or similar
Proficiency in API development and integration, leveraging RESTful APIs, webhooks, and automation frameworks
Experience with container security (Docker, Kubernetes) and implementing security controls for microservices architectures
Familiarity with threat intelligence platforms (TIPs) and their integration with security tools
Knowledge of secure coding practices and ability to perform security reviews of automation code and integrations
Strong problem-solving skills and ability to work in a fast-paced, collaborative environment

Preferred Qualifications
Experience working in an MSSP or SOC environment
Certifications such as AWS Certified Security Specialty, Azure Security Engineer, GIAC (GCFA, GCIA), CISSP, or OSCP
Experience with Kafka, Elastic Stack, or other log aggregation and analytics platforms
Knowledge of machine learning models for security automation and AI-enhanced security analytics
Background in offensive security, red teaming, or penetration testing with a focus on automation and tool development

The SecDevOps Engineer plays a key role in architecting, deploying, and maintaining security-driven automation, integrations, and platform engineering initiatives that support security operations, threat intelligence, and incident response functions. This position focuses on enabling scalable, efficient, and resilient security tooling across a global infrastructure.

Collaboration with cross-functional teams, including Security Automation, Threat Intelligence, Software Engineering, and Security Operations, is essential to design, build, and optimize robust and reliable security solutions. The role contributes to strengthening the overall security posture through automation, system integration, and infrastructure modernization.

Key Responsibilities
  • Architect, develop, and maintain secure and scalable automation solutions to enhance security operations and incident response
  • Design and implement integrations between security platforms, tools, and services to improve threat detection and response capabilities
  • Identify and deliver automation opportunities that increase operational efficiency and consistency
  • Build and maintain infrastructure and CI/CD pipelines with security and compliance best practices
  • Ensure consistency with internal standards, industry benchmarks, and regulatory requirements
  • Continuously improve internal security tooling and operational processes through innovation and automation
