Remote, but not allowed in the following states: Alaska, North Dakota, Nebraska, Hawaii, Oklahoma, Vermont, Maine, West Virginia, Wyoming, New Hampshire, Puerto Rico.
We are unable to sponsor as this is a permanent full-time role.
A prestigious company is looking for an Expert Cyber Defense Engineer. This engineer will focus on SOAR detection engineering, SIEM, incident response, cyber defense, automation (Python), threat analysis, etc.
Responsibilities:
- Solution Engineering: Design, develop, and deploy cyber defense tools, platforms, and capabilities supporting threat detection, incident response, and forensic investigations.
- Technical Leadership: Serve as a subject matter expert on cyber defense engineering, providing guidance and insights to customers, peers, and strategy.
- Threat Analysis: Collaborate with cyber defense operations to analyze emerging threats and gaps, implementing measures to enhance defenses.
- Develop and refine threat defense analytics to detect cyber-attacks against DDC.
- Build task automation and procedure orchestration to support cyber defense operations.
- Innovation & Continuous Improvement: Stay updated on cybersecurity trends, applying best practices to improve strategies and capabilities.
- Documentation: Maintain accurate procedures and documentation for all capabilities and services in the Platforms & Automation team.
- On-Call: Support cyber defense incidents and operations, with hands-on experience in investigation processes to identify automation opportunities.
Qualifications:
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Relevant military experience is acceptable in lieu of a degree.
- 8+ years of experience in cybersecurity engineering, detection engineering, incident response, or similar roles, with proven problem-solving skills in high-stakes environments.
- Significant experience using Python for automation, orchestration, and capability development.
- Hands-on experience deploying and configuring security platforms like SIEM, SOAR, EDR, NGFW, and network monitoring tools.
- Experience integrating cyber defense tools and utilizing APIs for process orchestration and task automation.
- Experience building and deploying threat defense analytics using detection engineering pipelines.
- Strong technical writing skills, including documentation development, process mapping, and visualization, with the ability to explain complex technical concepts to diverse audiences.