Role Overview
As a Platform Security Operations Engineer, you’ll support incident response and threat hunting teams by building, maintaining, and optimizing the infrastructure and tooling needed for effective threat detection, investigation, and response. You’ll automate security workflows and ensure the reliability of security platforms while improving detection and response capabilities.
Security Platform Engineering
Implement automated threat intelligence integrations
Maintain threat hunting infrastructure and tools
Automate incident response workflows and playbooks
Detection Engineering Support
Develop and maintain infrastructure for detection engineering workflows
Implement automated validation of detection quality
Support threat hunting infrastructure needs
Incident Response Infrastructure
Maintain emergency response platforms and tools
Implement automated containment and response capabilities
Automation & Integration
Automate routine security operations tasks
Develop custom integrations between security tools
Create self-service security tooling for IR teams
Required Qualifications:
4+ years of DevOps/Platform Engineering experience
Strong experience with:
Cloud platforms (AWS, Azure, GCP)
Log aggregation and processing
Python/Go programming
SIEM platforms (Splunk, ELK)
Understanding of:
MITRE ATT&CK framework
Incident response processes
Threat hunting methodologies
Security data analysis
Preferred Skills:
Experience with:
SOAR platforms (Phantom, Demisto)
EDR platforms
Security automation frameworks