About the Role:
As a Platform Security Operations Engineer, you’ll support incident response and threat hunting teams by building, maintaining, and optimizing the infrastructure and tooling needed for effective threat detection, investigation, and response. You’ll automate security workflows and ensure the reliability of security platforms while improving detection and response capabilities.
Security Platform Engineering
Implement automated threat intelligence platforms and integrations
Design and maintain threat hunting infrastructure and tools
Automate incident response workflows and playbooks
Detection Engineering Support
Develop and maintain infrastructure for detection engineering workflows
Create automated testing environments for detection rules
Build CI/CD pipelines for detection deployment
Implement automated validation of detection quality
Support threat hunting infrastructure needs
Incident Response Infrastructure
Maintain emergency response platforms and tools
Implement automated containment and response capabilities
Automation & Integration
Automate routine security operations tasks
Develop custom integration between security tools
Create self-service security tooling for IR teams
Build automated reporting and metrics collection
What You'll Need:
8+ years of DevOps/Platform Engineering experience
What You'll Do:
Understanding of:
MITRE ATT&CK framework
Incident response processes
Threat hunting methodologies
Security data analysis
Cloud platforms (AWS, Azure, GCP)
Log aggregation and processing
Python/Go programming
SIEM platforms (Splunk, ELK)
Infrastructure as Code (Terraform, Ansible)
Git and CI/CD pipelines
Containerization (Docker, Kubernetes)
Preferred Skills:
Experience with:
SOAR platforms (Phantom, Demisto)
EDR platforms
Threat intelligence platforms
Security automation frameworks
