ARM
Security Automation and Detection Engineer - Contract Role
One-year contract role for a Security Automation and Detection Engineer. Proficient in MS Sentinel and KQL writing experience required. This contract position is hybrid; candidate must be able to work onsite at the Arm-Austin office a minimum of two days a week. Role Overview: Utilizing knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell) and have 5-7 years experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools for data enrichment. Responsibilities: Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Build security automations, logging, and SIEM detections to improve the CDO's efficiency, scalability, and incident response capabilities. Collaborate with CDO analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements as necessary. Collaborate with third-party vendors and service providers to leverage automation opportunities and ensure successful integrations. Lead technical migration of log sources into Microsoft Sentinel SIEM.
Required Skills and Experience: Experienced in Microsoft Sentinel log onboarding, detection rule development and SOAR playbooks. Proficient in writing KQL for detection. Demonstrated ability in cybersecurity, with at least 3 years in a technical role in security operations and/or security software development. Solid understanding of security operations, automations standard processes, detection engineering and SIEM management. Experience with cloud security tools and platforms (e.g., Azure, AWS, Google Cloud) and their integration into SOC operations. Vendor-specific certifications for SOAR platforms (e.g., Sentinel SOAR, Splunk SOAR, Palo Alto Cortex XSOAR). Experience contributing to large-scale, sprint-based, security automation and detection engineering projects.
Nice To Have Skills and Experience: Ability to develop and implement long-term automation strategies aligned with security operation objectives. Ability to translate technical concepts into clear, actionable insights for technical and non-technical partners. Meticulous focus on ensuring accuracy, reliability, and security in automation workflows. Consistent record of implementing automation and integration solutions in a SOC or similar environment.
In Return: At Arm, we are guided by our core beliefs that reflect our creative culture and guide our decisions, defining how we work together to surpass ordinary and shape extraordinary. Accommodations at Arm: At Arm, we want our people to Do Great Things. If you need support or an accommodation to Be Your Brilliant Self during the recruitment process, please email accommodations@arm.com. By sending us the requested information, you consent to its use by Arm to arrange for appropriate accommodations. All accommodation requests will be treated with confidentiality. Examples of support include breaks between interviews, having documents read aloud, or office accessibility. Please email us about anything we can do to accommodate you during the recruitment process. Equal Opportunities at Arm: Arm is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We do not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Hybrid Working at Arm: Arms hybrid approach to working is centred around flexibility, where we split our time between the office and other locations to get our work done. Details of what this means for each role will be shared upon application. Where applicable, flexibility may be limited by local legal, regulatory, tax, or other considerations; we will collaborate to find the best solution. Please talk to us to learn more about what this could look like for you. Seniority level Mid-Senior level Employment type
Contract Job function
Engineering Services and Computer and Network Security Referrals increase your chances of interviewing at Arm by 2x #J-18808-Ljbffr
One-year contract role for a Security Automation and Detection Engineer. Proficient in MS Sentinel and KQL writing experience required. This contract position is hybrid; candidate must be able to work onsite at the Arm-Austin office a minimum of two days a week. Role Overview: Utilizing knowledge of security operations, incident response, and detection engineering, you will be responsible for the delivery of SIEM detections and security automations. The successful candidate will be proficient in automation and orchestration tools (e.g., SOAR platforms, scripting languages like Python, PowerShell) and have 5-7 years experience with integrating security tools (e.g., SIEM, EDR, firewalls) APIs, and Case Management tools for data enrichment. Responsibilities: Design, implement, and maintain automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, cyber threat intelligence and vulnerability management. Build security automations, logging, and SIEM detections to improve the CDO's efficiency, scalability, and incident response capabilities. Collaborate with CDO analysts to identify repetitive tasks and automate them to improve operational efficiency. Collaborate with Threat Intelligence, Incident Response, and Attack Surface Management to build and tune robust SIEM detections for both proactive and reactive response actions. Continuously evaluate automation solutions for performance, reliability, and scalability, making improvements as necessary. Collaborate with third-party vendors and service providers to leverage automation opportunities and ensure successful integrations. Lead technical migration of log sources into Microsoft Sentinel SIEM.
Required Skills and Experience: Experienced in Microsoft Sentinel log onboarding, detection rule development and SOAR playbooks. Proficient in writing KQL for detection. Demonstrated ability in cybersecurity, with at least 3 years in a technical role in security operations and/or security software development. Solid understanding of security operations, automations standard processes, detection engineering and SIEM management. Experience with cloud security tools and platforms (e.g., Azure, AWS, Google Cloud) and their integration into SOC operations. Vendor-specific certifications for SOAR platforms (e.g., Sentinel SOAR, Splunk SOAR, Palo Alto Cortex XSOAR). Experience contributing to large-scale, sprint-based, security automation and detection engineering projects.
Nice To Have Skills and Experience: Ability to develop and implement long-term automation strategies aligned with security operation objectives. Ability to translate technical concepts into clear, actionable insights for technical and non-technical partners. Meticulous focus on ensuring accuracy, reliability, and security in automation workflows. Consistent record of implementing automation and integration solutions in a SOC or similar environment.
In Return: At Arm, we are guided by our core beliefs that reflect our creative culture and guide our decisions, defining how we work together to surpass ordinary and shape extraordinary. Accommodations at Arm: At Arm, we want our people to Do Great Things. If you need support or an accommodation to Be Your Brilliant Self during the recruitment process, please email accommodations@arm.com. By sending us the requested information, you consent to its use by Arm to arrange for appropriate accommodations. All accommodation requests will be treated with confidentiality. Examples of support include breaks between interviews, having documents read aloud, or office accessibility. Please email us about anything we can do to accommodate you during the recruitment process. Equal Opportunities at Arm: Arm is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We do not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Hybrid Working at Arm: Arms hybrid approach to working is centred around flexibility, where we split our time between the office and other locations to get our work done. Details of what this means for each role will be shared upon application. Where applicable, flexibility may be limited by local legal, regulatory, tax, or other considerations; we will collaborate to find the best solution. Please talk to us to learn more about what this could look like for you. Seniority level Mid-Senior level Employment type
Contract Job function
Engineering Services and Computer and Network Security Referrals increase your chances of interviewing at Arm by 2x #J-18808-Ljbffr