Principal Cyber Defense Python Security Engineer

We are unable to sponsor for this permanent full-time role.

Position is bonus eligible.

Prestigious Enterprise Company is currently seeking a Principal Cyber Defense Security Engineer with strong Python development and scripting experience. Candidate will architect, develop, and implement advanced technical solutions that empower our cyber defense investigations and incident response teams. You will work independently and in teams to design and implement effective and sustainable capabilities to detect and prevent cyber-attacks, optimize our incident response processes, and enhance the effectiveness of mitigation, containment, and recovery. You must be comfortable with failing quickly and creating value through iteration and experimentation. You will not be alone in your efforts; you will be part of a supportive and energetic team of doers who will be there to lend a hand, brainstorm solutions, and encourage you when you hit roadblocks.

The role requires creativity, curiosity, and determination. If you identify with this job description, we’d love to hear from you!

1. Solution Engineering: design, develop, and deploy cyber defense tools, platforms, and capabilities that support threat detection, incident response, and forensic investigations.
2. Technical Leadership: serve as a subject matter expert on cyber defense engineering, providing guidance and technical insights to our customers, your peers, and the cyber engineering strategy.
3. Threat Analysis: collaborate with cyber defense operations to analyze emerging threats and current gaps in technical capabilities, implementing measures to strengthen defense mechanisms.
4. Develop and refine threat defense analytics to effectively detect cyber-attacks against DDC.
5. Build task automation and procedure orchestration to support cyber defense operations.
6. Problem Solving: capable of working, both independently and in teams, to troubleshoot and resolve complex cyber engineering challenges, identify the root cause of capability outages and errors, and develop sustainable solutions.
7. Innovation & Continuous Improvement: stay abreast of the latest trends and technologies in cybersecurity, applying best practices to continuously enhance our defense strategies and capabilities.
8. Documentation: maintain accurate procedures and documentation for all capabilities and services in scope for the Platforms & Automation team.
9. On-Call: support cyber defense capability availability incidents and support the cyber defense operations team while gaining hands-on experience with our investigation process to identify automation opportunities.

1. Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Relevant experience and military experience are acceptable in lieu of a degree.
2. 8+ years of experience in cybersecurity engineering, detection engineering, incident response, or similar roles, with a proven track record of problem solving in high-stakes environments.
3. Significant experience using Python for automation, orchestration, and capability development.
4. Hands-on experience deploying and configuring security platforms such as SIEM, SOAR, EDR, NGFW, and network monitoring tools.
5. Experience integrating cyber defense tools and utilizing APIs for process automation.
6. Experience building and deploying threat defense analytics using detection engineering pipelines.
7. Strong analytical skills with attention to detail.
8. Strong technical writing skills including documentation, process mapping, and visualization, with the ability to communicate complex concepts effectively.
9. Proven ability to work autonomously, lead projects, and overcome challenges in a collaborative environment.
10. Cloud engineering experience.
11. Experience implementing LLMs, ML, or other advanced analytics into cybersecurity workflows.