We are looking for an intermediate level security engineer to join our Global Cybersecurity Services Team. As part of our modern cybersecurity operating model, the role will be engaged in enhancing our security technology stack, building AI driven security automation workflows, and contributing to security operations and threat management.
We are building a modern, multi-cloud, intelligence-driven security operations capability that will rely heavily on AI and automation, and will require engineering and operational skills at all levels.
Responsibilities
- Detection & Response - Take part in the detection and response engineering lifecycle: develop, analyze, and tune alerts for stakeholders so that detections are accurate and of high quality. This includes deep dives into telemetry and alerts sent to security operations, log review, and root cause analysis. Conduct investigations using open source and proprietary tools, including but not limited to EPP/EDR/XDR software, SIEM platforms, and automation tooling.
- Automation & DevOps - Build, maintain, and enhance our CI/CD capabilities. Develop and enhance IaC templates or playbooks using tools such as Ansible, Terraform, and CloudFormation. Integrate and use hyperautomation platforms to automate and orchestrate workflows.
- Security Engineering - Build, maintain, and enhance our security operations technology stack, including next-generation SIEM and hyperautomation solutions. Build and improve security logging and detection practices, and manage the detection use case lifecycle. Continuously automate workflows and incorporate AI into them.
- Threat Intelligence Management
  - Threat Intelligence Collection - Gather and analyze data from diverse sources, including OSINT, dark web forums, commercial feeds, and internal telemetry.
  - Threat Analysis - Assess threat actor capabilities, motivations, and TTPs; perform targeted attack analysis and attribution, and recommend improvements to the security program and controls.
  - Making Threat Intelligence Actionable - Translate intelligence into actionable outputs. Familiarity with deception technology is a plus.
  - Collaboration & Incident Support - Partner with security stakeholders to contextualize threats, provide CTI insights during incidents, and prioritize defensive actions.
- Security Projects - Lead initiatives such as Endpoint Security enhancements, Attack Simulation, Threat Hunting, and more.
- Leadership - Demonstrate cross-functional leadership and stakeholder management, and mentor team members.
Requirements
- 5-7 years of experience in Information Security, including hands-on roles in Security Engineering, Operations, Threat Intelligence, Forensics, Incident Response, Endpoint or Cloud Security.
- Experience with SIEM, EPP/EDR/XDR, SOAR, TIPs, and open source threat intelligence solutions such as MISP and OpenCTI.
- Experience with cloud platforms such as AWS, Azure, and GCP.
- Background in Cyber Threat Intelligence roles.
- Knowledge of operational, tactical, and strategic threat intelligence.
- Experience applying AI/ML in cybersecurity use cases.
- Proficiency in scripting or programming languages for automation and data manipulation.
- Self-motivated, detail-oriented, and outcome-driven.
- Excellent verbal and written English skills.