Position: Cyber Security Engineer (L3)
Location: Remote
Experience Level: 5+ Years
Job Type: Full-time
Job Summary:
This role will lead the development and implementation of intelligent security solutions using SIEM, SOAR, and machine learning to enhance detection, response, and operational efficiency across the enterprise.
Key Responsibilities
* Design, implement, and manage enterprise SIEM (Splunk) solutions for centralized log analysis and real-time event monitoring.
* Develop and fine-tune correlation rules, alerts, dashboards , and use cases to detect anomalous and malicious activity.
* Lead data ingestion and normalization from varied enterprise systems (e.g., cloud workloads, endpoints, network devices).
* Develop and maintain SOAR playbooks to automate incident detection, triage, response, and recovery.
* Optimize SOAR workflows and integrations with security infrastructure to reduce MTTD/MTTR.
* Build and apply machine learning models to identify security anomalies, enrich event context, and predict threats.
* Collaborate with Security Operations Center (SOC) , DevOps , IT , and business units to align security automation with business goals.
* Analyze incident data to uncover trends and provide recommendations for improving controls and detection.
* Maintain detailed documentation for playbooks, integrations, automation processes, and incident response protocols.
* Stay abreast of industry trends and emerging tools to continually advance detection and automation strategies.
* Mentor junior engineers and assist in promoting SOAR and SIEM best practices across the team.
Required Qualifications
* 4+ years of experience in cybersecurity engineering , including SIEM (Splunk), SOAR, and machine learning-based threat detection.
* 3+ years of experience in security automation using platforms such as Splunk SOAR, XSOAR, Swimlane , or similar.
* 3+ years in cyber data engineering or analytics: log processing, enrichment, and telemetry pipelines.
* Expertise in scripting languages like Python and PowerShell , and using REST APIs for integrations.
* Proven experience designing and deploying security automation workflows in enterprise environments.
* Bachelor's degree in Computer Science , Information Security , Engineering , or related field-or equivalent experience.
* Ability to troubleshoot complex security issues and integrate with diverse platforms.
* Strong communication and collaboration skills to work with technical and non-technical stakeholders.
Preferred Qualifications
* Hands-on experience with cloud platforms such as AWS , Azure , or Google Cloud Platform .
* Familiarity with cloud-native security tooling , telemetry pipelines, and serverless security design patterns.
* Experience working within Agile environments and cross-functional DevSecOps teams.
* Knowledge of change management processes , compliance frameworks (e.g., NIST, ISO), and regulatory constraints in financial services.
Why Join This Engagement?
* Help build the next generation of cybersecurity automation for a major financial institution.
* Work with cutting-edge security architecture in a cloud-first, data-driven environment .