Cybersecurity Software Engineer
Within our Information Security team, we seek top talent to help us continuously improve our security capabilities against the ever-changing threat landscape.
We're looking for an experienced developer who thrives at the intersection of innovation and security and can bridge the gap between pure software engineering and SOC (Security Operations Center) platform operations. You bring a security-first mindset and a relentless drive to create security solutions that close gaps before they become problems.
Specifically, this role emphasizes the transition from general tool building to SOAR (Security Orchestration, Automation, and Response) development and the administration of the platforms themselves.
If you're a visionary developer who wants to leave a lasting impact on how security powers innovation, this is your team.
Responsibilities
- SOAR Development & Orchestration: Design, develop, and maintain automated playbooks within our SOAR platform (e.g., Splunk SOAR, Palo Alto XSOAR, or Tines) to streamline incident response and threat hunting.
- Platform Administration: Act as the primary administrator for SOC-centric platforms, ensuring system health, performing upgrades, and managing complex integrations with SIEM, EDR, and Firewall logs.
- API & Integration Engineering: Build and maintain custom connectors and middleware to bridge gaps between disparate security tools and cloud environments.
- Agentic AI Implementation: Apply agentic AI-based techniques and prompt engineering to build autonomous security agents that assist analysts in triaging alerts and summarizing threats.
- Process Engineering: Collaborate with SOC analysts to translate manual swivel-chair processes into sophisticated, logic-based automated workflows.
Minimum Qualifications
- Education: Bachelor's degree in Computer Science, Cybersecurity, or any related technical field.
- Security Platform Expertise: Proven experience administering, configuring, or developing within a major SOAR platform (e.g., Tines, Splunk SOAR/Phantom, Palo Alto XSOAR, or Swimlane).
- SOC Infrastructure: Strong experience managing the health and integrations of SOC tools (SIEM, EDR, and Firewall logs).
- Integration Skills: Deep understanding of RESTful APIs, JSON, and webhook-based integrations to connect security toolsets.
- Cloud & Infrastructure: Strong understanding of at least one cloud platform (AWS, Azure, or GCP) and experience with containerized environments (Docker/Kubernetes).
- Communication: Strong verbal and written English skills to bridge the gap between high-level security strategy and deep technical execution.
Preferred Qualifications
- Development: 5+ years of extensive web development experience using Python/Django (specifically for backend automation and API consumption).
- AI/LLM Frameworks: Hands-on experience with AI prompt engineering and the use of the LangChain framework.
- Security-as-Code: Experience with CI/CD pipelines (GitLab/GitHub Actions) to manage security configurations as code.
- Cybersecurity Background: Direct experience in cybersecurity-focused software development or incident response.
- Certifications: Cloud security-related certifications such as AWS Certified Security Specialty or equivalent.