Principal Security Automation Engineer (SOAR)-Remote

First American Financial Corp.

Santa Ana (CA)

Remote

USD 166,000 - 223,000

Full time

Yesterday

Job summary

A leading company in financial services is seeking a Principal Security Engineer to lead the development of security orchestration and automation solutions. This role involves enhancing SOC efficiency, integrating security tools, and collaborating with various teams to optimize incident response. Candidates should have extensive experience in information security and relevant certifications.

Benefits

Comprehensive benefits package including medical, dental, vision
401k and employee stock purchase plan
Paid time off and sick leave

Qualifications

  • Minimum of 7 years of information security experience in a SOC.
  • At least 5 years of hands-on experience with SOAR technologies.
  • Proficiency in scripting languages like Python or JavaScript.

Responsibilities

  • Lead the design, development, and implementation of SOAR playbooks and workflows.
  • Automate repetitive SOC processes to improve efficiency.
  • Collaborate with SOC analysts to tailor automation solutions.

Skills

Incident response processes
Scripting languages
Security tools integration
Collaboration skills

Education

BS Degree in Computer Science
Relevant licenses or certifications

Tools

SOAR platforms
SIEM solutions

Job description

Who We Are

Join a team that puts its People First! Since 1889, First American (NYSE: FAF) has held an unwavering belief in its people. They are passionate about what they do, and we are equally passionate about fostering an environment where all feel welcome, supported, and empowered to be innovative and reach their full potential. Our inclusive, people-first culture has earned our company numerous accolades, including being named to the Fortune 100 Best Companies to Work For list for ten consecutive years. We have also earned awards as a best place to work for women, diversity, and LGBTQ+ employees, and have been included on more than 50 regional best places to work lists. First American will always strive to be a great place to work, for all. For more information, please visit www.careers.firstam.com.

What We Do

The Principal Security Engineer is responsible for leading the development and application of security orchestration, automation, and response (SOAR) solutions that enable the success of Security Operations Center (SOC) initiatives. This position requires deep, expert-level technical experience automating SOC workflows. The Principal Security Engineer primarily interfaces with the SOC as well as other teams within Information Security. The role involves designing, implementing, and maintaining SOAR workflows to improve SOC efficiency and effectiveness, creating playbooks, integrating security tools, automating repetitive tasks, and collaborating with SOC analysts and IT teams to optimize incident response. Additionally, the Principal Security Engineer leads the SOC’s security automation architecture and strategic roadmap, develops metrics to measure program maturity and value, and supports the Information Security Incident Response program to protect information systems from unauthorized access, use, disclosure, disruption, modification, inspection, recording, or destruction.

What You'll Do:

  1. Lead the design, development, and implementation of SOAR playbooks and workflows.
  2. Investigate, recommend, evaluate, deploy, and integrate security tools and systems with the SOAR platform to enhance protection of corporate assets and infrastructure.
  3. Automate repetitive SOC processes to improve efficiency and response times.
  4. Collaborate with SOC analysts to understand operational requirements and tailor automation solutions.
  5. Monitor and maintain the SOAR platform to ensure optimal performance and uptime.
  6. Develop test plans and conduct rigorous testing and validation of playbooks for reliability and effectiveness.
  7. Provide technical expertise and troubleshooting for SOAR-related issues.
  8. Document playbooks, workflows, and integrations thoroughly for SOC reference.
  9. Stay updated on advancements in SOAR platforms, cybersecurity threats, and best practices.
  10. Monitor, report, and resolve security-related problems and discrepancies.
  11. Participate as a member of the Information Security Incident Response Team.
  12. Participate in cybersecurity incident investigations.
  13. Perform duties outside of normal work hours as needed based on business requirements.

What You'll Bring:

  1. Minimum of 7 years of information security experience working in a SOC.
  2. At least 5 years of hands-on experience with SOAR technologies and SOC tools.
  3. Relevant licenses or certifications such as CISSP, GCIH, GIAC, or SOAR-specific credentials.
  4. BS Degree in Computer Science, Information Technology, Cybersecurity, or equivalent work experience.
  5. Hands-on knowledge of SOAR platforms and integration of security tools.
  6. Strong understanding of incident response processes, security tools, and cybersecurity frameworks.
  7. Proficiency in scripting languages (e.g., Python, JavaScript) for automation and integration.
  8. Experience with APIs and system integrations for security tools.
  9. Experience with SIEM solutions and threat intelligence platforms.
  10. Knowledge of IT infrastructure and network security.
  11. Experience in implementing information security technologies and processes.
  12. Experience in product evaluation and managing vendor relationships.
  13. Ability to define security strategy and integrate security technologies into corporate frameworks.
  14. Strong communication and collaboration skills.

Pay Range: $166,800.00 - $222,300.00 annually

This pay range is an estimate based on various factors including experience, skills, and location.

Additional Considerations

First American will consider all qualified applicants, including those with arrest or conviction records, in accordance with applicable laws. Background checks may be conducted for employment consideration, especially for roles involving handling confidential information, financial transactions, or customer data.

What We Offer

Our People First Culture celebrates diversity, equity, and inclusion. We foster an authentic and inclusive workplace where everyone can bring their full selves to work. We offer a comprehensive benefits package including medical, dental, vision, 401k, PTO, paid sick leave, and other benefits like an employee stock purchase plan.
